IDA Pro Crashes with Many Jump Sections
CVE-2024-44083
Key Information:
- Vendor
- Hex-rays
- Status
- Ida Pro
- Vendor
- CVE Published:
- 19 August 2024
Badges
Summary
The vulnerability in the ida64.dll component of Hex-Rays IDA Pro, specifically affecting version 8.4, can result in application crashes when processing complex jump structures. In scenarios where many jumps are linked, the final jump that leads to the payload may cause instability in the software. While this behavior is primarily problematic for usability, it does not constitute a security concern in the conventional sense, as it does not lead to unauthorized access or data breaches.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V3.1
Timeline
- π‘
Public PoC available
- πΎ
Exploit known to exist
Vulnerability published
Vulnerability Reserved