CVE-2024-50610

gsl: integer overflow in gsl/siman/siman.c

Description

GSL (GNU Scientific Library) through 2.8 has an integer signedness error in gsl_siman_solve_many in siman/siman.c. When params.n_tries is negative, incorrect memory allocation occurs.

INFO

Published Date :

2024-10-27T00:00:00.000Z

Last Modified :

2024-10-30T18:13:40.086Z

Source :

mitre

AFFECTED PRODUCTS

The following products are affected by CVE-2024-50610 vulnerability.

Vendors	Products
Gnu	Gnu Scientific Library

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-50610.

URL	Resource
https://git.savannah.gnu.org/cgit/gsl.git/log/siman/siman.c
https://github.com/silviadefra/GolDRuSh/blob/main/vulnerabilities/gsl.md
https://nvd.nist.gov/vuln/detail/CVE-2024-50610
https://www.cve.org/CVERecord?id=CVE-2024-50610
https://www.gnu.org/software/gsl/doc/html/siman.html

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact