Upstream information
Description
A segmentation fault (SEGV) was detected in the SortByPTypeProcess::Execute function in the Assimp library during fuzz testing with AddressSanitizer. The crash occurred due to a read access to an invalid memory address (0x1000c9714971).SUSE information
Overall state of this security issue: Analysis
This issue is currently rated as having moderate severity.
CNA (CISA-ADP) | |
---|---|
Base Score | 6.2 |
Vector | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Attack Vector | Local |
Attack Complexity | Low |
Privileges Required | None |
User Interaction | None |
Scope | Unchanged |
Confidentiality Impact | None |
Integrity Impact | None |
Availability Impact | High |
CVSSv3 Version | 3.1 |
SUSE Timeline for this CVE
CVE page created: Fri Oct 25 00:00:50 2024CVE page last modified: Fri Nov 29 14:02:10 2024