CVE-2024-58350

Name of the Vulnerable Software and Affected Versions Ghidra versions prior to 11.2

Description A use after free issue exists in the Sleigh backend due to an undefined static initialization order of the SleighArchitecture::translators and XmlArchitectureCapability singletons. This unsafe destruction order can lead to iteration over deallocated memory, allowing attackers to trigger an infinite loop or a denial of service during shutdown.

Recommendations Update to version 11.2.