Skip to main content

NULL Pointer Dereference

CVE-2005-2459

Severity Medium
Score 5/10

Summary

The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointer dereference, a different vulnerability than CVE-2005-2458.

  • LOW
  • NETWORK
  • NONE
  • NONE
  • NONE
  • PARTIAL

CWE-476 - NULL Pointer Dereference

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

References

Advisory Timeline

  • Published