PT-2024-35739 · Pcl+3

Published: 2024-11-21 · Updated: 2025-01-23 · CVE-2024-53432

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions
PCL version 1.14.1

Description
The issue occurs when PCL parses certain malformed PLY files: the library crashes because of an uncaught std::out_of_range exception thrown in PCLPointCloud2::at(). This could potentially be exploited to cause a denial of service (DoS) in applications that process untrusted PLY files.

Recommendations
For PCL version 1.14.1, consider disabling the PCLPointCloud2::at() function when processing untrusted PLY files until a patch is available. Restrict access to untrusted PLY files to minimize the risk of exploitation.
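
The failure mode described above, shown as an added example that is not PCL code and not part of the original advisory: a loader that throws std::out_of_range on a malformed file, wrapped at the trust boundary so the process survives. The names standin_load, load_untrusted and LoadStatus and both sample files are hypothetical, and the wrapper assumes the exception propagates to the code that calls the loader.

```cpp
#include <cstddef>
#include <cstdint>
#include <iterator>
#include <sstream>
#include <stdexcept>
#include <string>
#include <vector>

enum class LoadStatus { Ok, Malformed, Failed };

// Hypothetical stand-in for a PLY loader (not PCL code): it trusts the vertex
// count declared in the header and reads the payload with bounds-checked at().
void standin_load(const std::string& file, std::vector<std::uint8_t>& out) {
    std::istringstream in(file);
    std::string line;
    std::size_t declared = 0;
    while (std::getline(in, line) && line != "end_header")
        if (line.rfind("element vertex ", 0) == 0)
            declared = std::stoul(line.substr(15));
    std::vector<std::uint8_t> payload((std::istreambuf_iterator<char>(in)),
                                      std::istreambuf_iterator<char>());
    for (std::size_t i = 0; i < declared; ++i)
        out.push_back(payload.at(i));  // short payload -> std::out_of_range
}

// Trust boundary: nothing thrown by the loader escapes, and the caller's
// buffer is only replaced after a complete, successful parse.
LoadStatus load_untrusted(const std::string& file, std::vector<std::uint8_t>& out) {
    std::vector<std::uint8_t> tmp;
    try {
        standin_load(file, tmp);
    } catch (const std::out_of_range&) {  // exception class named in the advisory
        return LoadStatus::Malformed;
    } catch (...) {                       // any other parser failure
        return LoadStatus::Failed;
    }
    out.swap(tmp);
    return LoadStatus::Ok;
}

// Constructed sample inputs: the second declares 300 vertices but carries 3 bytes.
const std::string kHeader = "ply\nformat binary_little_endian 1.0\nelement vertex ";
const std::string kGood = kHeader + "3\nproperty uchar x\nend_header\nabc";
const std::string kBad  = kHeader + "300\nproperty uchar x\nend_header\nabc";

int main() {
    std::vector<std::uint8_t> cloud;
    return load_untrusted(kGood, cloud) == LoadStatus::Ok &&
           load_untrusted(kBad, cloud) == LoadStatus::Malformed ? 0 : 1;
}
```

In a service, the Malformed result is the point to reject the upload and log the source rather than let the exception terminate the worker.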

Fix

DoS

Improper Check for Exceptional Conditions

Weakness Enumeration

Related Identifiers

CVE-2024-53432
USN-7227-1

Affected Products

Debian
Linuxmint
Pcl
Ubuntu