PT-2026-41034 · Libsixel · Libsixel
Saitohapublished
·
Published
2026-05-14
·
Updated
2026-05-14
·
CVE-2026-44638
CVSS v3.1
2.5
Low
| Vector | AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
libsixel versions prior to 1.8.7-r2
Description
A NULL pointer dereference occurs in the
sixel decode raw() and sixel decode() functions due to an incorrect NULL check following an allocation call. The check validates the address of the output parameter rather than the value returned by malloc(). Consequently, if an allocation fails during a low-memory condition, the process attempts to write through a NULL pointer, leading to a crash and resulting in a denial of service for any caller of these public APIs.Recommendations
Update to version 1.8.7-r2.
Exploit
Fix
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Libsixel