Use of NullPointerException Catch to Detect NULL Pointer Dereference

CVE-2024-36275

Medium

5.8/10

Summary

NULL pointer dereference in some Intel(R) Optane(TM) PMem Management software versions before CR_MGMT_02.00.00.4040, CR_MGMT_03.00.00.0499 may allow a authenticated user to potentially enable denial of service via local access.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: LOW
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: NONE
Availability Impact: HIGH

CWE-395 - Use of NullPointerException Catch to Detect NULL Pointer Dereference

Catching NullPointerException should not be used as an alternative to programmatic checks to prevent dereferencing a null pointer.

References

Advisory Timeline

Published Nov 13, 2024

Use of NullPointerException Catch to Detect NULL Pointer Dereference

CVE-2024-36275

Summary

CWE-395 - Use of NullPointerException Catch to Detect NULL Pointer Dereference

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS