Integer signedness error in gsl_siman_solve_many affects memory allocation
CVE-2024-50610

Currently unrated

Key Information:

Vendor: GSL (GNU Scientific Library)
Vendor: CVE Published:; 27 October 2024

Summary

GSL (GNU Scientific Library) through 2.8 has an integer signedness error in gsl_siman_solve_many in siman/siman.c. When params.n_tries is negative, incorrect memory allocation occurs.

References

https://github.com/silviadefra/GolDRuSh/blob/main/vulnera...

https://git.savannah.gnu.org/cgit/gsl.git/log/siman/siman.c

https://www.gnu.org/software/gsl/doc/html/siman.html

Timeline

Vulnerability published
Oct 27, 2024
Vulnerability Reserved
Oct 27, 2024