Home

Description

Ghidra before 11.2 contains a use after free vulnerability in the Sleigh backend caused by undefined static initialization order of the SleighArchitecture::translators and XmlArchitectureCapability singletons. Attackers can trigger an infinite loop or denial of service during shutdown by exploiting the unsafe destruction order that causes iteration over deallocated memory.

PUBLISHED Reserved 2026-06-08 | Published 2026-06-10 | Updated 2026-06-10 | Assigner VulnCheck




LOW: 2.1CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

LOW: 2.9CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Problem types

Reliance on Undefined, Unspecified, or Implementation-Defined Behavior

Product status

Default status
unaffected

Any version before 11.2
affected

11.2 (custom)
unaffected

Credits

Bill Bierman (@wbierman) finder

References

github.com/...ghidra/security/advisories/GHSA-4g43-2f29-xvp4 (GitHub Security Advisory (GHSA-4g43-2f29-xvp4)) vendor-advisory

www.vulncheck.com/...backend-via-static-initialization-order third-party-advisory

cve.org (CVE-2024-58350)

nvd.nist.gov (CVE-2024-58350)

Download JSON