NewsSecurity Vulnerabilities

Hex-Rays IDA Pro – Uncontrolled Resource Consumption Vulnerability [CVE-2024-44083]

CVE number = CVE-2024-44083

CVSS Score = 9.8

ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps linked, and the final jump corresponds to the payload from where the actual entry point will be invoked.

NOTE: in many use cases, this is an inconvenience but not a security issue.

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

Luke Simmonds

Blogger at www.systemtek.co.uk

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.