CVE-2024-58350: Reliance on Undefined, Unspecified, or Implementation-Defined Behavior in nationalsecurityagency ghidra
Ghidra before 11.2 contains a use-after-free vulnerability in the Sleigh backend caused by undefined static initialization order of the SleighArchitecture::translators and XmlArchitectureCapability singletons. Attackers can trigger an infinite loop or denial of service during shutdown by exploiting the unsafe destruction order that causes iteration over deallocated memory.
AI Analysis
Technical Summary
CVE-2024-58350 affects Ghidra before version 11.2 and involves a use-after-free vulnerability in the Sleigh backend. The issue arises from undefined static initialization order of the SleighArchitecture::translators and XmlArchitectureCapability singletons, leading to unsafe destruction order. This unsafe destruction can cause iteration over memory that has already been deallocated, potentially triggering an infinite loop or denial of service during application shutdown.
Potential Impact
The vulnerability can cause denial of service by triggering an infinite loop or crash during the shutdown phase of Ghidra. There is no indication of code execution or data compromise. The CVSS score of 2.1 reflects a low severity impact with local attack vector and no privileges or user interaction required.
Mitigation Recommendations
No official patch or remediation level has been confirmed yet. Users should upgrade to Ghidra version 11.2 or later once available to address this issue. Until then, monitor vendor advisories for updates. No immediate workaround or temporary fix is documented.
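The initialization-order problem described above, as an added C++ example that is not Ghidra's code: a hypothetical registry and capability stand in for the SleighArchitecture::translators and XmlArchitectureCapability singletons, shown beside the construct-on-first-use idiom that gives them a defined construction and destruction order.

```cpp
#include <algorithm>
#include <cstddef>
#include <string>
#include <vector>

struct Translator { std::string name; };

// PROBLEM PATTERN (described here, deliberately not instantiated):
//   std::vector<Translator*> g_translators;     // registry.cc
//   static Capability g_xmlCapability("xml");   // xml_capability.cc
// Their construction order across translation units is unspecified, and
// destruction runs in reverse order of construction. If the capability is
// built first, the vector is destroyed BEFORE the capability's destructor
// walks it to unregister: iteration over freed memory at shutdown.
// FIX: construct-on-first-use. A function-local static is constructed when
// first reached, so the registry always finishes construction before the
// first object that registers through it and is destroyed after the last.
static std::vector<Translator*>& registry() {
  static std::vector<Translator*> instance;
  return instance;
}

// Hypothetical capability: registers on construction, unregisters on destruction.
class Capability {
 public:
  explicit Capability(const std::string& name) : translator_{name} {
    registry().push_back(&translator_);  // always through registry()
  }
  ~Capability() {
    auto& reg = registry();
    reg.erase(std::remove(reg.begin(), reg.end(), &translator_), reg.end());
  }
  Capability(const Capability&) = delete;             // registered by address,
  Capability& operator=(const Capability&) = delete;  // so never copied
 private:
  Translator translator_;
};

std::size_t registeredCount() { return registry().size(); }
bool isRegistered(const std::string& name) {
  for (const Translator* t : registry()) if (t->name == name) return true;
  return false;
}
// Count while a scoped capability is alive; it unregisters itself on return.
std::size_t countWhileRegistered(const std::string& name) {
  Capability scoped(name);
  return registeredCount();
}
// Static singleton in the advisory's style, now with a well-defined order.
static Capability g_xmlCapability("xml");
```

At process exit g_xmlCapability is destroyed first and the registry last, because the registry completed construction inside the capability's constructor; the raw-global form in the comment has no such guarantee.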
CVSS v4.0 score: 2.1 (Low)
Technical Details
- Data Version: 5.2
- Assigner Short Name: VulnCheck
- Date Reserved: 2026-06-08T15:20:35.496Z
- CVSS Version: 4.0
- State: PUBLISHED
- Remediation Level: null
Threat ID: 6a2967aec9170919df1fd463
Added to database: 6/10/2026, 1:33:34 PM
Last enriched: 6/10/2026, 1:50:44 PM
Last updated: 6/10/2026, 3:52:10 PM