CVE-2021-44508
Description
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of NULL checks in calls to ious_open in sr_unix/ious_open.c allows attackers to crash the application by dereferencing a NULL pointer.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A NULL pointer dereference in GT.M's ious_open function allows attackers to crash the application via crafted input.
Vulnerability
An issue was discovered in FIS GT.M through V7.0-000 and the related YottaDB code base. The function ious_open in sr_unix/ious_open.c lacks NULL checks, leading to a NULL pointer dereference when processing certain inputs [1].
Exploitation
An attacker can exploit this vulnerability by providing specially crafted input that causes the ious_open function to dereference a NULL pointer, resulting in a denial of service. No authentication is required but the attacker must be able to trigger the vulnerable code path [2].
Impact
Successful exploitation causes the application to crash, leading to a denial of service. No further compromise (such as code execution or data disclosure) has been identified [2].
Mitigation
The issue is fixed in YottaDB release r1.34 [2]. Users of FIS GT.M should update to a version beyond V7.0-000 that includes the patch. No workaround is available for unpatched versions.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- FIS/GT.Mdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.htmlmitrex_refsource_MISC
- gitlab.com/YottaDB/DB/YDB/-/issues/828mitrex_refsource_MISC
- sourceforge.net/projects/fis-gtm/files/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.