Message-ID: <tencent_2B35B8B96F6CA98A6B42272B@qq.com>
Date: Fri, 25 Apr 2025 15:14:56 +0800
From: "xiaolin" <dongxiaolin@...pin.org>
To: "oss-security" <oss-security@...ts.openwall.com>
Subject: CVE-2024-56430: openfhe: OpenFHE through 1.2.3 has a NULL pointer dereference bug

Severity:
- moderate


Affected versions:
- libtheora through 1.2.3


Fixed software:
- v1.2.3


Description:
This issue involves a NULL pointer dereference in the BinFHEContext::EvalFloor function within the lib/binfhe-base-scheme.cpp file, potentially resulting in an application crash by triggering the dereference of a NULL pointer.


For more information
-------------------------------------------------------------
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56430
https://github.com/UnionTech-Software/openfhe-PoC
https://github.com/openfheorg/openfhe-development/blob/7b8346f4eac27121543e36c17237b919e03ec058/src/binfhe/lib/binfhe-base-scheme.cpp#L307-L308
