CVE-2024-29421: 
Linux Debian vulnerability analysis and mitigation

CVE-2024-29421 affects xmedcon versions up to 0.23.0 and was fixed in version 0.24.0. The vulnerability is a heap-based buffer overflow in the DICOM file parsing functionality, specifically in the libs/dicom/basic.c file. The issue was discovered by the Spike Reply Cybersecurity Team and publicly disclosed on May 22, 2024 (Spike Advisory).

The vulnerability exists in the dicomload() function within libs/dicom/basic.c. The issue occurs when parsing UN elements from DICOM files. The code allocates a buffer of size 'element.length + 4' bytes, where element.length is attacker-controlled. If element.length is close to UINTMAX (e.g., 0xfffffffe), an integer overflow occurs during the size calculation, resulting in the allocation of a small buffer (1-3 bytes). The code then attempts to read element.length bytes into this undersized buffer, causing a heap overflow. The vulnerability has been assigned a CVSS v3.1 base score of 6.2 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (NVD).

The buffer overflow vulnerability allows attackers to write beyond the allocated heap buffer boundaries, potentially corrupting heap memory allocator metadata. This could lead to arbitrary code execution on the affected system (Spike Advisory).

The vulnerability has been fixed in xmedcon version 0.24.0. Users should upgrade to this version or later to mitigate the issue. The fix has also been included in the Debian 11.11 update (Debian Update).