Cyber Resilience

CVE-2024-24684

High

Published: 28 May 2024

Modified: 12 February 2025
KEV Added
Patch
CVSS Score v3.1: 7.8 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.2193 (95.9th percentile)
Risk Priority: 29 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-24684 is a high-severity stack-based buffer overflow (CWE-121) vulnerability in libigl. Its CVSS base score is 7.8 (High).

Operationally, it ranks in the top 4.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

CVE-2024-24684 is a stack-based buffer overflow in the readOFF function of libigl version 2.5.0. The flaw occurs during header parsing of .off files when an oversized first line exceeds the hardcoded 1000-byte comment buffer, allowing an out-of-bounds write via an unsafe fscanf call. The issue is tracked under CWE-121 and CWE-787 and carries a CVSS 3.1 score of 7.8.
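The unbounded read described above can be contrasted with a bounded one. The following is an added example, not libigl's code and not taken from the Talos advisory; the `fscanf` format string in the comment, the accepted header tokens and the names `read_off_header` and `check_first_line` are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define HEADER_CAP 1000 /* size of the fixed stack buffer the advisory describes */

/* Vulnerable pattern (shown for contrast, never called; format string assumed):
 *     char header[HEADER_CAP];
 *     fscanf(fp, "%s\n", header);   // no field width: a longer token overflows
 * A width of HEADER_CAP-1 ("%999s") would also bound the write. */

/* Bounded header read. Returns 0 for an accepted header token, -1 on read
 * failure, -2 when the first line does not fit, -3 for an unknown token. */
int read_off_header(FILE *fp, char *header, size_t cap)
{
    if (cap < 2 || fgets(header, (int)cap, fp) == NULL)
        return -1;
    size_t len = strlen(header);
    if (len == cap - 1 && header[len - 1] != '\n')
        return -2;                             /* oversized line: reject, do not truncate */
    header[strcspn(header, " \t\r\n")] = '\0'; /* keep only the first token */
    if (strcmp(header, "OFF") && strcmp(header, "NOFF") && strcmp(header, "COFF"))
        return -3;                             /* accepted token list is an assumption */
    return 0;
}

/* Builds a constructed .off file whose first line is prefix + filler 'A' bytes
 * and runs the bounded reader on it. */
int check_first_line(const char *prefix, size_t filler)
{
    char header[HEADER_CAP];
    FILE *fp = tmpfile();
    if (fp == NULL)
        return -1;
    fputs(prefix, fp);
    for (size_t i = 0; i < filler; i++)
        fputc('A', fp);
    fputs("\n3 1 0\n", fp);
    rewind(fp);
    int rc = read_off_header(fp, header, sizeof header);
    fclose(fp);
    return rc;
}

int main(void)
{
    printf("normal=%d oversized=%d\n", check_first_line("OFF", 0), check_first_line("OFF", 4096));
    return 0;
}
```

Rejecting an oversized first line outright, rather than truncating it, keeps the parser from treating the remainder of that line as vertex or face data.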

An attacker can exploit the vulnerability by supplying a malicious .off file to any application that uses libigl's readOFF routine. Successful exploitation grants arbitrary code execution with the privileges of the affected process, potentially resulting in full confidentiality, integrity, and availability impact on the local system.

Public advisories published by Cisco Talos detail the vulnerability and provide the technical analysis referenced under TALOS-2024-1929; at the time of disclosure no vendor patch or mitigation guidance was included in the reports.

EPSS for this CVE has remained flat at 0.2193 with no material increase since publication.

EU & UK References

Vulnerability details

Multiple stack-based buffer overflow vulnerabilities exist in the readOFF functionality of libigl v2.5.0. A specially crafted .off file can lead to stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. This vulnerability concerns the header parsing occurring while processing an `.off` file via the `readOFF` function. We can see above that at [0] a stack-based buffer called `comment` is defined with a hardcoded size of `1000 bytes`. The call to `fscanf` at [1] is unsafe and if the first line of the header of the `.off` files is longer than 1000 bytes it will overflow the `header` buffer.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

libigl
libigl
2.5.0

Mitigating Controls

Likely Mitigating Controls

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-787

Out-of-bounds writes that corrupt control flow or inject shellcode are rendered non-executable by the same memory protections.

References