Vulnerabilities > CVE-2021-32276 - NULL Pointer Dereference vulnerability in multiple products

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

faad2-project

debian

CWE-476

NVD

Published: 2021-09-20

Updated: 2022-04-22

Summary

An issue was discovered in faad2 through 2.10.0. A NULL pointer dereference exists in the function get_sample() located in output.c. It allows an attacker to cause Denial of Service.

Vulnerable Configurations

Part	Description	Count
Application	Faad2_Project Faad2 Project Faad2 - Faad2 Project Faad2 2.8.2 Faad2 Project Faad2 2.8.3 Faad2 Project Faad2 2.8.4 Faad2 Project Faad2 2.8.5 Faad2 Project Faad2 2.8.6 Faad2 Project Faad2 2.8.7 Faad2 Project Faad2 2.8.8 Faad2 Project Faad2 2.9.0 Faad2 Project Faad2 2.9.1 Faad2 Project Faad2 2.9.2	11
OS	Debian Debian Debian Linux 9.0 Debian Debian Linux 10.0	2

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References