CVE-2021-44494
Description
An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause calls to ZRead to crash due to a NULL pointer dereference.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A NULL pointer dereference in ZRead of YottaDB (through r1.32) and FIS GT.M (through V7.0-000) allows crafted input to crash the database.
Vulnerability
The issue resides in the ZRead function. By providing specially crafted input, an attacker can trigger a NULL pointer dereference, leading to a crash. The affected versions are YottaDB up to r1.32 and FIS GT.M up to V7.0-000 [1][2].
Exploitation
An attacker needs to supply crafted input to the ZRead function. No special authentication or network position is mentioned in the references; the attack is achievable by sending the malicious input through normal interaction with the database system [2]. The exact sequence involves the crafted data causing the code to access a pointer that has not been initialized, resulting in a NULL dereference.
Impact
Successful exploitation causes a denial of service (crash) of the database process. The impact is limited to availability (CIA: availability loss), with no indication of data corruption, information disclosure, or privilege escalation in the available references [2].
Mitigation
A fix has been implemented in YottaDB r1.34, which addresses the bugs exposed by fuzz testing, including this NULL pointer dereference in ZRead [2]. Users should upgrade to YottaDB r1.34 or later. For FIS GT.M, no specific patch version is disclosed in the references; users are advised to contact the vendor for an update [1]. No workaround is mentioned in the available references.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- FIS/YottaDB
Patches
No patches discovered yet.
References
- tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html (mitre, x_refsource_MISC)
- gitlab.com/YottaDB/DB/YDB/-/issues/828 (mitre, x_refsource_MISC)
- sourceforge.net/projects/fis-gtm/files/ (mitre, x_refsource_MISC)