CVE-2024-24794: 
Homebrew vulnerability analysis and mitigation

A use-after-free vulnerability exists in the DICOM Element Parsing as implemented in Imaging Data Commons libdicom 1.0.5. A specially crafted DICOM file can cause premature freeing of memory that is used later. To trigger this vulnerability, an attacker would need to induce the vulnerable application to process a malicious DICOM image (Talos Report).

The vulnerability occurs when parsing DICOM files that contain elements with the same tag. The code pattern in libdicom follows a sequence where it allocates a new element, attempts to insert it into the dataset, and if the operation fails, the element is freed. However, if the dataset already contains the tag of the element, dcm_element_destroy() is called to deallocate the object, but the code proceeds to return false, resulting in a second deallocation of the same element. This double-free scenario can lead to memory corruption. The vulnerability has been assigned a CVSSv3 score of 8.1 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) (Talos Report).

The vulnerability can lead to memory corruption and possible arbitrary code execution on the targeted system. This is particularly concerning as libdicom is commonly used in medical facilities for handling DICOM files, which are standard formats for storing and transmitting medical images (Talos Blog).

The vendor has issued a fix on Github.com. Users are advised to update to the latest version of the software that includes the security patch (Talos Report).