OpenFHE 1.2.3 及以下版本存在空指针解引用漏洞
CVE-2024-56430漏洞影响libtheora 1.2.3及以下版本,在BinFHEContext::EvalFloor函数中存在空指针解引用问题,可能导致应用崩溃,已修复于v1.2.3。 2025-4-25 15:52:0 Author: seclists.org(查看原文) 阅读量:13 收藏
CVE-2024-56430漏洞影响libtheora 1.2.3及以下版本,在BinFHEContext::EvalFloor函数中存在空指针解引用问题,可能导致应用崩溃,已修复于v1.2.3。 2025-4-25 15:52:0 Author: seclists.org(查看原文) 阅读量:13 收藏
oss-sec mailing list archives
From: "xiaolin" <dongxiaolin () deepin org>
Date: Fri, 25 Apr 2025 15:14:56 +0800
Severity: - moderate Affected versions: - libtheora through 1.2.3 Fixed software: - v1.2.3 Description: This issue involves a NULL pointer dereference in the BinFHEContext::EvalFloor function within the lib/binfhe-base-scheme.cpp file. potentially resulting in an application crash by triggering the dereference of a NULL pointer. For more information ------------------------------------------------------------- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56430 https://github.com/UnionTech-Software/openfhe-PoC https://github.com/openfheorg/openfhe-development/blob/7b8346f4eac27121543e36c17237b919e03ec058/src/binfhe/lib/binfhe-base-scheme.cpp#L307-L308
Current thread:
- CVE-2024-56430: openfhe: OpenFHE through 1.2.3 has a NULL pointer dereference bug xiaolin (Apr 25)
文章来源: https://seclists.org/oss-sec/2025/q2/94
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh