CVE-2021-22570
Published: 26 January 2022
Summary
CVE-2021-22570 is a medium-severity NULL Pointer Dereference (CWE-476) vulnerability in Debian Debian Linux. Its CVSS base score is 6.5 (Medium).
Operationally, ranked at the 33.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-0206
Vulnerability details
Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed,…
more
the file is nullptr. We recommend upgrading to version 3.15.0 or greater.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.