Description
Multiple out-of-bounds read vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds read. An attacker can provide a malicious file to trigger this vulnerability.This vulnerabilitty concerns the`readMSH` function while processing `MshLoader::ELEMENT_TET` elements.
References (2)
Core 2
Core References
Technical Description, Third Party Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2024-1928
Technical Description, Third Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1928
Scores
CVSS v3
4.3
EPSS
0.0026
EPSS Percentile
49.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-125
Status
published
Products (1)
libigl/libigl
2.5.0
Published
May 28, 2024
Tracked Since
Feb 18, 2026