A memory leak exists in the Grassroots DICOM library (GDCM). The bug occurs when parsing malformed DICOM files with non-standard VR types in file meta information. The vulnerability leads to vast memory allocations and resource depletion, triggering a denial-of-service condition. A maliciously crafted file can fill the heap in a single read operation without properly releasing it.
2.4.4-42.4.4-4build12.4.4-4ubuntu12.6.1-32.6.2-12.6.2-22.6.2-32.6.3-12.6.3-1ubuntu12.6.3-2ubuntu1+2 more2.8.2-3build12.8.3-12.8.4-12.8.4-1build22.8.8-9ubuntu42.8.8-9ubuntu53.0.4-23.0.4-2build13.0.4-2ubuntu13.0.5-1.1ubuntu13.0.5-1.1ubuntu23.0.5-1ubuntu13.0.10-13.0.10-1build23.0.8-23.0.21-23.0.22-13.0.22-2.1build13.0.22-2.1build23.0.22-2.1ubuntu13.0.22-2build13.0.22-2build23.0.24-5ubuntu23.0.24-5ubuntu32.2.3-2ubuntu32.2.3-2ubuntu42.2.4-1.1ubuntu12.2.4-1.1ubuntu22.2.4-1.1ubuntu32.2.4-1.1ubuntu42.2.4-1.1ubuntu4+esm1Exploitability
AV:NAC:LAT:NPR:NUI:NVulnerable System
VC:NVI:NVA:HSubsequent System
SC:NSI:NSA:NCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N