Articles with tag: Null Pointer Dereference
POSTED BY: Angelos T. Kalaitzidis / 24.05.2022

Multiple vulnerabilities in radare2

CENSUS ID:CENSUS-2022-0001
CVE IDs:CVE-2022-0419, CVE-2021-44974, CVE-2021-44975
Affected Products:radare2 versions prior to 5.6.0
Class:NULL pointer dereference (CWE-476), Heap-based buffer overflow (CWE-122)
Discovered by:Angelos T. Kalaitzidis

CENSUS identified a number of NULL pointer dereference and Heap buffer overflow bugs in the radare2 project code. Radare2 is a popular reverse engineering framework. CENSUS has verified that release 5.6.0 of radare2 carries the appropriate fixes to remediate all of the identified issues.


POSTED BY: Dimitrios Glynos / 31.01.2020

Multiple NULL pointer dereference vulnerabilities in newlib

CENSUS ID:CENSUS-2020-0001
CVE IDs: CVE-2019-14871, CVE-2019-14872, CVE-2019-14873, CVE-2019-14874, CVE-2019-14875, CVE-2019-14876, CVE-2019-14877, CVE-2019-14878
Affected Products:newlib versions prior to 3.3.0, its derivatives (e.g. newlib-nano, picolibc and related Platform SDKs such as " GNU ARM Embedded Toolchain 64-bit Linux 8-2018-q4-major")
Class:NULL pointer dereference (CWE-476)
Discovered by:Dimitrios Glynos

During the security assessment of a firmware binary a number of NULL pointer dereference bugs were found caused by newlib-nano code. newlib-nano is a C library for use on 32-bit processors that have only a few kB of memory. It turns out that newlib-nano was part of the "GNU ARM Embedded Toolchain" that the chip manufacturer (Microchip/Atmel) delivered for application development purposes. newlib-nano inherits code from the newlib project, which is a C library intended for use on embedded systems. All NULL pointer dereference bugs identified in newlib-nano were inherited by newlib code and therefore CENSUS reported the respective vulnerabilities to the upstream project. Users of the newlib library are advised to update to version 3.3.0 and make sure to build the library sources with the newlib-reent-check-verify 'configure' option enabled.