CVE-2021-44491
Description
An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can cause a calculation of the size of calls to memset in op_fnj3 in sr_port/op_fnj3.c to result in an extremely large value in order to cause a segmentation fault and crash the application. This is a digs-- calculation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Crafted input causes a calculation error in YottaDB's op_fnj3 function, leading to a segmentation fault and denial of service.
Vulnerability
An issue exists in YottaDB through r1.32 and V7.0-000 in the op_fnj3 function in sr_port/op_fnj3.c. A crafted input triggers a calculation of the size argument to memset that results in an extremely large value due to a digs-- calculation error, causing a segmentation fault [1].
Exploitation
An attacker can provide specially crafted input to the application, which is processed by the vulnerable code path. No authentication or special privileges are required; the input can be supplied over the network or via a file, depending on the deployment [1].
Impact
Successful exploitation causes a segmentation fault, crashing the application. This results in a denial of service (DoS) as the YottaDB process terminates unexpectedly [1].
Mitigation
The vulnerability is fixed in YottaDB release r1.34, which includes patches for bugs discovered through fuzz testing [1]. Users should upgrade to r1.34 or later. No workarounds are documented.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- YottaDB/YottaDBdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- gitlab.com/YottaDB/DB/YDB/-/issues/828mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.