Ghidra · Ghidra · CVE-2024-58350
**Name of the Vulnerable Software and Affected Versions**
Ghidra versions prior to 11.2
**Description**
A use after free issue exists in the Sleigh backend due to an undefined static initialization order of the `SleighArchitecture::translators` and `XmlArchitectureCapability` singletons. This unsafe destruction order can lead to iteration over deallocated memory, allowing attackers to trigger an infinite loop or a denial of service during shutdown.
**Recommendations**
Update to version 11.2.