CVE-2021-44495
Description
An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause a NULL pointer dereference after calls to ZPrint.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A crafted ZPrint call in YottaDB through r1.32 and GT.M through V7.0-000 causes a NULL pointer dereference, enabling a denial of service.
Vulnerability
An issue in YottaDB (through r1.32) and FIS GT.M (through V7.0-000) allows a NULL pointer dereference after calls to ZPrint. By providing specially crafted input, an attacker can trigger this bug, which was discovered through fuzz testing [2]. The vulnerable code path is reachable when ZPrint is invoked with crafted arguments, leading to a crash.
Exploitation
An attacker needs only the ability to supply crafted input to the ZPrint command. No special privileges, network position, or user interaction beyond normal database operations are required. The attacker crafts input that causes the ZPrint routine to dereference a NULL pointer, exploiting the lack of proper validation.
Impact
Successful exploitation results in a denial of service (DoS) via a NULL pointer dereference, causing the database engine (M process) to crash. There is no evidence of code execution or information disclosure; the impact is limited to availability compromise.
Mitigation
The fix is included in YottaDB release r1.34, which addresses 40 bugs discovered through fuzz testing [2]. Users are advised to upgrade to YottaDB r1.34 or later. For FIS GT.M, installations running versions through V7.0-000 should be updated to a patched release; as of the reference dates, a specific fixed version was not identified. No workaround is documented.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (3)
- FIS/YottaDB (description)
Patches
No patches discovered yet.
References
- tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html (mitre, x_refsource_MISC)
- gitlab.com/YottaDB/DB/YDB/-/issues/828 (mitre, x_refsource_MISC)
- sourceforge.net/projects/fis-gtm/files/ (mitre, x_refsource_MISC)