CVE-2021-44506
Description
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of input validation in calls to do_verify in sr_unix/do_verify.c allows attackers to attempt to jump to a NULL pointer by corrupting a function pointer.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Lack of input validation in GT.M's do_verify function allows attackers to corrupt a function pointer and cause a NULL pointer dereference.
Vulnerability
An issue exists in FIS GT.M through V7.0-000 (and the related YottaDB code base) in the do_verify function in sr_unix/do_verify.c. The lack of input validation allows an attacker to corrupt a function pointer, potentially leading to a jump to a NULL pointer. This affects GT.M versions up to V7.0-000 and YottaDB versions prior to r1.34.
Exploitation
An attacker must be able to corrupt the function pointer, which may be achieved through crafted input or other means. No specific authentication or network position is required beyond the ability to reach the vulnerable code path. The attack results in an attempt to dereference a NULL pointer.
Impact
Successful exploitation causes a NULL pointer dereference, leading to a crash and denial of service. No code execution or privilege escalation is indicated.
Mitigation
A fix is available in YottaDB r1.34 [2]. For GT.M, users should monitor for updates from FIS. If no patch is yet available, consider restricting access to the affected functionality as a workaround.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- FIS/GT.Mdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.htmlmitrex_refsource_MISC
- gitlab.com/YottaDB/DB/YDB/-/issues/828mitrex_refsource_MISC
- sourceforge.net/projects/fis-gtm/files/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.