
John Byrd

#37412 of 53,634
7.5 Total CVSS
Vulnerabilities · 1
PT-2017-9219
7.5
2017-01-30
Microsoft · Crypto++ · CVE-2016-7544
**Name of the Vulnerable Software and Affected Versions**

Crypto++ version 5.6.4

**Description**

The Crypto++ library uses Microsoft's stack-based `_malloca` and `_freea` functions incorrectly. The library requests a block of memory to align a table; if that table is later reallocated, the wrong pointer could be freed.

**Recommendations**

For Crypto++ version 5.6.4, avoid reallocating tables that have previously been aligned in memory until a fix is available. As a temporary workaround, review and modify the memory allocation and deallocation code so that it handles table reallocations correctly and does not free incorrect pointers.