CVE-2021-44497
Description
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, can cause the bounds of a for loop to be miscalculated, which leads to a use after free condition a pointer is pushed into previously free memory by the loop.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Use-after-free in FIS GT.M up to V7.0-000 due to miscalculated for-loop bounds via crafted input, leading to memory corruption.
Vulnerability
The vulnerability exists in FIS GT.M (and the related YottaDB code base) up to version V7.0-000. Crafted input can cause miscalculation of a for-loop's bounds, leading to a use-after-free condition when a pointer is pushed into previously freed memory.
Exploitation
An attacker can exploit this by providing specially crafted input to the database engine. No authentication or special privileges are required if the attacker can supply input to the affected code path. The miscalculated loop bounds cause the program to write a pointer into memory that has already been freed.
Impact
Successful exploitation results in a use-after-free condition, which can lead to memory corruption, potential arbitrary code execution, or denial of service. The attacker may gain control over the execution flow depending on the memory layout.
Mitigation
The issue was addressed in the YottaDB r1.34 release as part of fixes for bugs exposed by fuzz testing [2]. Users of FIS GT.M should upgrade to a version beyond V7.0-000 if a fix is available, or apply the corresponding patch from YottaDB. No workaround is documented.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
3- FIS/GT.Mdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.htmlmitrex_refsource_MISC
- gitlab.com/YottaDB/DB/YDB/-/issues/828mitrex_refsource_MISC
- sourceforge.net/projects/fis-gtm/files/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.