PT-2022-4742 · Unknown+1 · Libiec61850+1
Published: 2021-09-23 · Updated: 2024-08-19
CVE-2022-2973
CVSS v3.1: 8.6 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
libIEC61850 versions 1.4 and prior
libIEC61850 version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e
Description
The issue is a NULL pointer dereference: in certain situations the library uses a NULL pointer, which could allow a remote attacker to crash the server and cause a denial of service.
Recommendations
For libIEC61850 versions 1.4 and prior, update to a version later than 1.4 to resolve the issue.
For libIEC61850 version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e, apply the changes from commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e or later to fix the problem.
As a temporary workaround, consider implementing additional error checking to prevent the use of NULL pointers in critical situations.
Fix
NULL Pointer Dereference
Affected Products
Alt Linux
Libiec61850