High severity7.7NVD Advisory· Published Apr 25, 2024· Updated Jun 17, 2026
CVE-2024-22391
CVE-2024-22391
Description
A heap-based buffer overflow vulnerability exists in the LookupTable::SetLUT functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
17- Range: <3.0.23
- osv-coords15 versionspkg:rpm/opensuse/gdcm&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/orthanc-authorization&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/orthanc-dicomweb&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/orthanc&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/orthanc-gdcm&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/orthanc-gdcm&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/orthanc-indexer&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/orthanc-mysql&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/orthanc-neuro&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/orthanc-postgresql&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/orthanc-python&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/orthanc-stl&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/orthanc-tcia&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/orthanc-wsi&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/python-pyorthanc&distro=openSUSE%20Leap%2016.0
< 3.0.24-bp160.2.1+ 14 more
- (no CPE)range: < 3.0.24-bp160.2.1
- (no CPE)range: < 0.10.3-bp160.1.1
- (no CPE)range: < 1.22-bp160.1.1
- (no CPE)range: < 1.12.10-bp160.1.1
- (no CPE)range: < 1.8-bp160.1.1
- (no CPE)range: < 1.7-1.1
- (no CPE)range: < 1.0-bp160.2.1
- (no CPE)range: < 5.2-bp160.2.1
- (no CPE)range: < 1.1-bp160.2.1
- (no CPE)range: < 10.0-bp160.1.1
- (no CPE)range: < 7.0-bp160.1.1
- (no CPE)range: < 1.2-bp160.2.1
- (no CPE)range: < 1.3-bp160.1.1
- (no CPE)range: < 3.3-bp160.1.1
- (no CPE)range: < 1.22.1-bp160.1.1
- Range: 3.0.23
Patches
Vulnerability mechanics
References
5- talosintelligence.com/vulnerability_reports/TALOS-2024-1924nvdExploitThird Party Advisory
- www.talosintelligence.com/vulnerability_reports/TALOS-2024-1924nvdThird Party Advisory
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZJ4IG7EXMSMPHTK5ZFASCW6MHSOVZOE/nvdMailing List
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N5HXUKUJ7SG3TK456SGUWVZ4Z5D7JKOL/nvdMailing List
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WJA7QWWZWMY4AQFR35EA7S3CFVUTOQYG/nvdMailing List
News mentions
0No linked articles in our index yet.