Advisories » MGASA-2024-0300

Updated assimp packages fix security vulnerability

Publication date: 13 Sep 2024
Modification date: 13 Sep 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-40724

Description

Heap-based buffer overflow vulnerability in Assimp allows a local
attacker to execute arbitrary code by inputting a specially crafted file
into the program.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=33531
• https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GRHXRZKHWQMKKB7V55J2TDPZAKJSN2BF/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40724

SRPMS

9/core

• assimp-5.2.2-4.1.mga9