CVE-2024-2002

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Mar 18, 2024

Updated: Apr 19, 2024

CWE ID 415

Summary

CVE-2024-2002 is a newly disclosed vulnerability affecting the libdwarf library. This issue involves a double-free condition, where in a maliciously crafted DWARF object, the library may attempt to free memory that has already been released. The consequence of such an event can lead to unpredictable results, potentially causing serious issues in applications that rely on libdwarf for debugging information processing. Developers are encouraged to update to the latest version of the library to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/ufnKFo
https://www.cve.org/CVERecord?id=CVE-2024-2002
https://nvd.nist.gov/vuln/detail/CVE-2024-2002

Back to Vulnerability Database

CVE-2024-2002

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations