CVE-2024-50610

Опубликовано: 27 окт. 2024

Источник: redhat

CVSS3: 3.6

EPSS Низкий

Описание

GSL (GNU Scientific Library) through 2.8 has an integer signedness error in gsl_siman_solve_many in siman/siman.c. When params.n_tries is negative, incorrect memory allocation occurs.

A flaw was found in the GNU Scientific Library (GSL). A specially-crafted payload can trigger incorrect memory allocation, which can lead to memory corruption or an application crash.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 7	gsl	Fix deferred
Red Hat Enterprise Linux 8	gsl	Fix deferred
Red Hat Enterprise Linux 9	gsl	Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-190

https://bugzilla.redhat.com/show_bug.cgi?id=2322047gsl: integer overflow in gsl/siman/siman.c

EPSS

Процентиль: 12%

0.00039

Низкий

3.6 Low

CVSS3

Связанные уязвимости

CVE-2024-50610

CVSS3: 3.6

ubuntu

около 1 года назад

GSL (GNU Scientific Library) through 2.8 has an integer signedness error in gsl_siman_solve_many in siman/siman.c. When params.n_tries is negative, incorrect memory allocation occurs.

CVE-2024-50610

CVSS3: 3.6

nvd

около 1 года назад

GSL (GNU Scientific Library) through 2.8 has an integer signedness error in gsl_siman_solve_many in siman/siman.c. When params.n_tries is negative, incorrect memory allocation occurs.

CVE-2024-50610

CVSS3: 3.6

debian

около 1 года назад

GSL (GNU Scientific Library) through 2.8 has an integer signedness err ...

GHSA-pj8w-xcg3-82vx

CVSS3: 3.6

github

около 1 года назад

GSL (GNU Scientific Library) through 2.8 has an integer signedness error in gsl_siman_solve_many in siman/siman.c. When params.n_tries is negative, incorrect memory allocation occurs.

EPSS

Процентиль: 12%

0.00039

Низкий

3.6 Low

CVSS3