Vulnerabilities > CVE-2021-32276 - NULL Pointer Dereference vulnerability in multiple products

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

faad2-project

debian

CWE-476

NVD

Published: 2021-09-20

Updated: 2022-04-22

Summary

An issue was discovered in faad2 through 2.10.0. A NULL pointer dereference exists in the function get_sample() located in output.c. It allows an attacker to cause Denial of Service.

Vulnerable Configurations

Part	Description	Count
Application	Faad2_Project Faad2 Project Faad2 - Faad2 Project Faad2 2.0 Faad2 Project Faad2 2.5 Faad2 Project Faad2 2.7 Faad2 Project Faad2 2.7.1 Faad2 Project Faad2 2.8.0 Faad2 Project Faad2 2.8.1 Faad2 Project Faad2 2.8.2 Faad2 Project Faad2 2.8.3 Faad2 Project Faad2 2.8.4 Faad2 Project Faad2 2.8.5 Faad2 Project Faad2 2.8.6 Faad2 Project Faad2 2.8.7 Faad2 Project Faad2 2.8.8 Faad2 Project Faad2 2.9.0 Faad2 Project Faad2 2.9.1 Faad2 Project Faad2 2.9.2 Faad2 Project Faad2 2.10.0	18
OS	Debian Debian Debian Linux 9.0 Debian Debian Linux 10.0	2

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References