Hex-Rays IDA Pro – Uncontrolled Resource Consumption Vulnerability [CVE-2024-44083]
CVE number = CVE-2024-44083
CVSS Score = 9.8
ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps linked, and the final jump corresponds to the payload from where the actual entry point will be invoked.
NOTE: in many use cases, this is an inconvenience but not a security issue.
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
Blogger at www.systemtek.co.uk