CVE-2024-41147
Published: 04 March 2025
Summary
CVE-2024-41147 is a high-severity Heap-based Buffer Overflow (CWE-122) vulnerability in Mackron Miniaudio. Its CVSS base score is 7.7 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 40.5% of CVEs by exploit likelihood. It is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Deeper analysis
An out-of-bounds write vulnerability, tracked as CVE-2024-41147 and published on 2025-03-04, affects the ma_dr_flac__decode_samples__lpc functionality in Miniaudio version 0.11.21. This flaw, associated with CWE-122, can be triggered by a specially crafted FLAC file, resulting in memory corruption. The vulnerability carries a CVSS v3.1 base score of 7.7 (AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H), indicating high severity due to potential impacts on integrity and availability.
A remote attacker who needs no privileges and no user interaction can exploit this vulnerability over the network, though attack complexity is high. By providing a malicious FLAC file to an application that uses the affected Miniaudio component for decoding, the attacker can induce memory corruption, potentially leading to arbitrary code execution, data tampering, or denial of service.
The primary advisory from Talos Intelligence, available at https://talosintelligence.com/vulnerability_reports/TALOS-2024-2063, documents the vulnerability in detail. Security practitioners should consult this report for technical analysis, reproduction steps, and recommended mitigations, such as updating to a patched version of Miniaudio if available.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-54201
Vulnerability details
An out-of-bounds write vulnerability exists in the ma_dr_flac__decode_samples__lpc functionality of Miniaudio v0.11.21. A specially crafted .flac file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The out-of-bounds write in FLAC decoding enables remote exploitation via a malicious file leading to memory corruption and arbitrary code execution in applications processing such files over the network with no user interaction required.
Mitigating Controls (NIST 800-53 r5)
SI-2 (Flaw Remediation): Requires timely identification, reporting, and remediation of flaws, directly addressing CVE-2024-41147 by mandating patches for the vulnerable Miniaudio library.
SI-16 (Memory Protection): Implements memory protection mechanisms like non-executable memory and address space randomization to prevent exploitation of the out-of-bounds write in Miniaudio's FLAC decoder.
Validates inputs such as specially crafted FLAC files before processing to ensure consistency with expected formats, reducing the risk of triggering the memory corruption vulnerability.