Skip to main content

NULL Pointer Dereference

CVE-2021-43667

Severity High
Score 7.5/10

Summary

A NULL Pointer Dereference vulnerability has been detected in HyperLedger Fabric before 2.2.4 and 2.3.x before 2.3.3. This bug can be leveraged by constructing a message whose payload is nil and sending this message with the method 'forwardToLeader'. This bug has been admitted and fixed by the developers of Fabric. If leveraged, any leader node will crash.

  • LOW
  • NETWORK
  • NONE
  • UNCHANGED
  • NONE
  • NONE
  • NONE
  • HIGH

CWE-476 - NULL Pointer Dereference

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Advisory Timeline

  • Published