CVE-2024-24685

Name of the Vulnerable Software and Affected Versions libigl version 2.5.0

Description Multiple stack-based buffer overflow vulnerabilities exist in the readOFF functionality. A specially crafted .off file can lead to stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability, which concerns the parsing of comments within the vertex section of an .off file processed via the readOFF function.

Recommendations For libigl version 2.5.0, consider disabling the readOFF function until a patch is available to prevent exploitation. Restrict access to files that could be used to trigger the buffer overflow, and avoid using the readOFF function to process untrusted .off files. At the moment, there is no information about a newer version that contains a fix for this vulnerability.