CVE-2024-48425

PYSEC-2024-293 · CVE-2024-48425

Published Oct 24, 2024 · Modified May 21, 2026

Description

A segmentation fault (SEGV) was detected in the Assimp::SplitLargeMeshesProcess_Triangle::UpdateNode function within the Assimp library during fuzz testing using AddressSanitizer. The crash occurs due to a read access violation at address 0x000000000460, which points to the zero page, indicating a null or invalid pointer dereference.

References

REPORT https://github.com/assimp/assimp/issues/5791

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes