CVE-2021-44484

Vulnerability

A NULL pointer dereference vulnerability exists in the emit_trip function in sr_port/emit_code.c of YottaDB through r1.32 and V7.0-000. The lack of NULL checks before dereferencing a pointer allows an attacker to cause a crash by providing input that triggers this code path. The issue was discovered during fuzz testing and is tracked in YottaDB issue #828 [1].

Exploitation

An attacker can exploit this vulnerability by sending specially crafted input to the YottaDB database engine that reaches the emit_trip function with a NULL pointer. No authentication or special privileges are required if the attacker can submit queries or commands to the database. The crash occurs immediately upon dereferencing the NULL pointer.

Impact

Successful exploitation results in a denial of service (DoS) by crashing the YottaDB application. The attacker gains no code execution or data access; the impact is limited to application termination.

Mitigation

The vulnerability is fixed in YottaDB release r1.34, which includes patches for 40 bugs discovered through fuzz testing [1]. Users should upgrade to r1.34 or later. No workaround is available for affected versions. The CVE is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.