CVE-2024-22391 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2024-22391 Interim 1 5 2026-03-05T02:51:08Z current 2024-04-26T23:12:00Z 2026-03-05T02:51:08Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2024-22391 A heap-based buffer overflow vulnerability exists in the LookupTable::SetLUT functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 16.0 openSUSE Tumbleweed gdcm-3.0.24-bp160.2.1 gdcm-applications-3.0.24-bp160.2.1 gdcm-devel-3.0.24-bp160.2.1 gdcm-examples-3.0.24-bp160.2.1 libgdcm3_0-3.0.24-bp160.2.1 libsocketxx1_2-3.0.24-bp160.2.1 orthanc-1.12.10-bp160.1.1 orthanc-authorization-0.10.3-bp160.1.1 orthanc-devel-1.12.10-bp160.1.1 orthanc-dicomweb-1.22-bp160.1.1 orthanc-doc-1.12.10-bp160.1.1 orthanc-gdcm-1.7-1.1 orthanc-gdcm-1.8-bp160.1.1 orthanc-indexer-1.0-bp160.2.1 orthanc-mysql-5.2-bp160.2.1 orthanc-neuro-1.1-bp160.2.1 orthanc-postgresql-10.0-bp160.1.1 orthanc-python-7.0-bp160.1.1 orthanc-source-1.12.10-bp160.1.1 orthanc-stl-1.2-bp160.2.1 orthanc-tcia-1.3-bp160.1.1 orthanc-wsi-3.3-bp160.1.1 python3-gdcm-3.0.24-bp160.2.1 python313-pyorthanc-1.22.1-bp160.1.1 gdcm-3.0.24-bp160.2.1 as a component of openSUSE Leap 16.0 gdcm-applications-3.0.24-bp160.2.1 as a component of openSUSE Leap 16.0 gdcm-devel-3.0.24-bp160.2.1 as a component of openSUSE Leap 16.0 gdcm-examples-3.0.24-bp160.2.1 as a component of openSUSE Leap 16.0 libgdcm3_0-3.0.24-bp160.2.1 as a component of openSUSE Leap 16.0 libsocketxx1_2-3.0.24-bp160.2.1 as a component of openSUSE Leap 16.0 orthanc-1.12.10-bp160.1.1 as a component of openSUSE Leap 16.0 orthanc-authorization-0.10.3-bp160.1.1 as a component of openSUSE Leap 16.0 orthanc-devel-1.12.10-bp160.1.1 as a component of openSUSE Leap 16.0 orthanc-dicomweb-1.22-bp160.1.1 as a component of openSUSE Leap 16.0 orthanc-doc-1.12.10-bp160.1.1 as a component of openSUSE Leap 16.0 orthanc-gdcm-1.8-bp160.1.1 as a component of openSUSE Leap 16.0 orthanc-indexer-1.0-bp160.2.1 as a component of openSUSE Leap 16.0 orthanc-mysql-5.2-bp160.2.1 as a component of openSUSE Leap 16.0 orthanc-neuro-1.1-bp160.2.1 as a component of openSUSE Leap 16.0 orthanc-postgresql-10.0-bp160.1.1 as a component of openSUSE Leap 16.0 orthanc-python-7.0-bp160.1.1 as a component of openSUSE Leap 16.0 orthanc-source-1.12.10-bp160.1.1 as a component of openSUSE Leap 16.0 orthanc-stl-1.2-bp160.2.1 as a component of openSUSE Leap 16.0 orthanc-tcia-1.3-bp160.1.1 as a component of openSUSE Leap 16.0 orthanc-wsi-3.3-bp160.1.1 as a component of openSUSE Leap 16.0 python3-gdcm-3.0.24-bp160.2.1 as a component of openSUSE Leap 16.0 python313-pyorthanc-1.22.1-bp160.1.1 as a component of openSUSE Leap 16.0 orthanc-gdcm-1.7-1.1 as a component of openSUSE Tumbleweed A heap-based buffer overflow vulnerability exists in the LookupTable::SetLUT functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. CVE-2024-22391 openSUSE Leap 16.0:gdcm-3.0.24-bp160.2.1 openSUSE Leap 16.0:gdcm-applications-3.0.24-bp160.2.1 openSUSE Leap 16.0:gdcm-devel-3.0.24-bp160.2.1 openSUSE Leap 16.0:gdcm-examples-3.0.24-bp160.2.1 openSUSE Leap 16.0:libgdcm3_0-3.0.24-bp160.2.1 openSUSE Leap 16.0:libsocketxx1_2-3.0.24-bp160.2.1 openSUSE Leap 16.0:orthanc-1.12.10-bp160.1.1 openSUSE Leap 16.0:orthanc-authorization-0.10.3-bp160.1.1 openSUSE Leap 16.0:orthanc-devel-1.12.10-bp160.1.1 openSUSE Leap 16.0:orthanc-dicomweb-1.22-bp160.1.1 openSUSE Leap 16.0:orthanc-doc-1.12.10-bp160.1.1 openSUSE Leap 16.0:orthanc-gdcm-1.8-bp160.1.1 openSUSE Leap 16.0:orthanc-indexer-1.0-bp160.2.1 openSUSE Leap 16.0:orthanc-mysql-5.2-bp160.2.1 openSUSE Leap 16.0:orthanc-neuro-1.1-bp160.2.1 openSUSE Leap 16.0:orthanc-postgresql-10.0-bp160.1.1 openSUSE Leap 16.0:orthanc-python-7.0-bp160.1.1 openSUSE Leap 16.0:orthanc-source-1.12.10-bp160.1.1 openSUSE Leap 16.0:orthanc-stl-1.2-bp160.2.1 openSUSE Leap 16.0:orthanc-tcia-1.3-bp160.1.1 openSUSE Leap 16.0:orthanc-wsi-3.3-bp160.1.1 openSUSE Leap 16.0:python3-gdcm-3.0.24-bp160.2.1 openSUSE Leap 16.0:python313-pyorthanc-1.22.1-bp160.1.1 openSUSE Tumbleweed:orthanc-gdcm-1.7-1.1 important 7.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H