PT-2026-26153 · Samtools · Samtools
Aviesrob
·
Publicado
2026-03-18
·
Atualizado
2026-03-19
·
CVE-2026-31972
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
SAMtools versions prior to 1.21.1
SAMtools versions prior to 1.22
Description
SAMtools is a program used for bioinformatics file manipulation. The
mpileup command, which outputs aligned DNA sequences, contains a flaw where data may be prematurely discarded from memory. This can lead to attempts to read from freed memory, potentially leaking program state or causing a crash. The issue occurs due to incorrect memory management within the mpileup command.Recommendations
Update to SAMtools version 1.21.1 or later.
Update to SAMtools version 1.22 or later.
Exploit
Correção
Use After Free
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Samtools