Samtools · Samtools · CVE-2026-31973
**Name of the Vulnerable Software and Affected Versions**
SAMtools versions 1.17 through 1.23.1
SAMtools version 1.21.1
SAMtools version 1.22.2
**Description**
SAMtools is a program used for manipulating bioinformatics files. A missing check in the `cram-size` command, related to the `cram_decode_compression_header()` function, could lead to a NULL pointer dereference when that function returns an error. Exploitation of this issue results in a program crash.
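The pattern described above, shown as an added C example that is not SAMtools source code. It assumes the missing check is on the decoder's return value. `comp_hdr`, `decode_hdr`, the magic byte and the sample buffers are hypothetical, constructed stand-ins for a decoder that returns NULL on error.

```c
#include <stdio.h>
#include <stdlib.h>
#include <stddef.h>

/* Hypothetical stand-in for a decoded compression header. */
typedef struct { unsigned n_entries; } comp_hdr;

/* Constructed sample inputs: one well-formed, one truncated. */
const unsigned char sample_good[] = { 0xC5, 2, 0x01, 0x02 };
const unsigned char sample_bad[]  = { 0xC5, 9, 0x01 };

/* Hypothetical decoder: returns NULL on truncated or malformed input. */
static comp_hdr *decode_hdr(const unsigned char *buf, size_t len) {
    if (buf == NULL || len < 2 || buf[0] != 0xC5)  /* constructed magic byte */
        return NULL;
    if ((size_t)buf[1] > len - 2)                  /* entry count exceeds data */
        return NULL;
    comp_hdr *h = malloc(sizeof *h);
    if (h != NULL)
        h->n_entries = buf[1];
    return h;
}

/* Unchecked caller (assumed shape of the bug): a failed decode leaves
 * h == NULL and the field read crashes. Shown for contrast, never called. */
int count_entries_unchecked(const unsigned char *buf, size_t len) {
    comp_hdr *h = decode_hdr(buf, len);
    int n = (int)h->n_entries;      /* NULL dereference on decode error */
    free(h);
    return n;
}

/* Checked caller: propagate the decode error instead of dereferencing. */
int count_entries_checked(const unsigned char *buf, size_t len) {
    comp_hdr *h = decode_hdr(buf, len);
    if (h == NULL)
        return -1;                  /* report failure to the caller */
    int n = (int)h->n_entries;
    free(h);
    return n;
}

int main(void) {
    printf("good: %d\n", count_entries_checked(sample_good, sizeof sample_good));
    printf("bad:  %d\n", count_entries_checked(sample_bad, sizeof sample_bad));
    return 0;
}
```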
**Recommendations**
Update to a version after 1.23.1.
Update to version 1.23.1.
Update to version 1.22.2.
Update to version 1.21.1.