CVE-2024-32920

High CVSS 7.1

Overview

In set_secure_reg of sac_handler.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure of 4 bytes of stack memory with no additional execution privileges needed. User interaction is not needed for exploitation.

CWE: CWE-125 Published: 2024-06-13T21:15:55.830

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 7.1 (HIGH)
Detected tags: info_leak, oob_read (tag impact: LOW)

Recommended actions:

Reduce verbose errors, remove debug endpoints, minimize PII in logs.

Overview

Recommended tools

Tags