Unrated severityNVD Advisory· Published Jul 19, 2024· Updated Mar 25, 2025
CVE-2024-40724
CVE-2024-40724
Description
Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
26- osv-coords24 versionspkg:rpm/opensuse/assimp&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/assimp&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/assimp&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/libqt5-qt3d&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/libqt5-qt3d&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/libqt5-qtquick3d&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/libqt5-qtquick3d&distro=openSUSE%20Leap%2015.6pkg:rpm/suse/assimp&distro=SUSE%20Package%20Hub%2015%20SP5pkg:rpm/suse/assimp&distro=SUSE%20Package%20Hub%2015%20SP6pkg:rpm/suse/libqt5-qt3d&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/libqt5-qt3d&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/libqt5-qt3d&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/libqt5-qt3d&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/libqt5-qt3d&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/libqt5-qt3d&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP5pkg:rpm/suse/libqt5-qt3d&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP6pkg:rpm/suse/libqt5-qt3d&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/libqt5-qt3d&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/libqt5-qt3d&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/libqt5-qt3d&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/libqt5-qt3d&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/libqt5-qt3d&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/libqt5-qtquick3d&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5pkg:rpm/suse/libqt5-qtquick3d&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6
< 5.3.1-bp156.3.3.1+ 23 more
- (no CPE)range: < 5.3.1-bp156.3.3.1
- (no CPE)range: < 5.3.1-bp156.3.3.1
- (no CPE)range: < 5.4.3-1.1
- (no CPE)range: < 5.15.8+kde0-150500.3.3.1
- (no CPE)range: < 5.15.12+kde0-150600.3.3.1
- (no CPE)range: < 5.15.8+kde1-150500.3.3.1
- (no CPE)range: < 5.15.12+kde1-150600.3.3.1
- (no CPE)range: < 5.3.1-bp156.3.3.1
- (no CPE)range: < 5.3.1-bp156.3.3.1
- (no CPE)range: < 5.12.7-150200.4.3.1
- (no CPE)range: < 5.12.7-150200.4.3.1
- (no CPE)range: < 5.12.7-150200.4.3.1
- (no CPE)range: < 5.15.2+kde39-150400.3.3.1
- (no CPE)range: < 5.15.2+kde39-150400.3.3.1
- (no CPE)range: < 5.15.8+kde0-150500.3.3.1
- (no CPE)range: < 5.15.12+kde0-150600.3.3.1
- (no CPE)range: < 5.12.7-150200.4.3.1
- (no CPE)range: < 5.12.7-150200.4.3.1
- (no CPE)range: < 5.15.2+kde39-150400.3.3.1
- (no CPE)range: < 5.12.7-150200.4.3.1
- (no CPE)range: < 5.12.7-150200.4.3.1
- (no CPE)range: < 5.15.2+kde39-150400.3.3.1
- (no CPE)range: < 5.15.8+kde1-150500.3.3.1
- (no CPE)range: < 5.15.12+kde1-150600.3.3.1
- Open Asset Import Library/Assimpv5Range: prior to 5.4.2
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.