GNU Barcode Memory Leak Vulnerability Allowing Denial-of-Service

Vulnerability

A memory leak vulnerability has been identified in GNU Barcode version 0.99, in the command-line processing function in cmdline.c. Specially crafted input causes memory allocations that are never freed, which an attacker can use to cause denial-of-service conditions.

Impact

Exploitation of this vulnerability causes a memory leak, with AddressSanitizer reports indicating 567 bytes leaked in two allocations.

Reproduction

The vulnerability can be reproduced by running GNU Barcode 0.99 with command-line input crafted to trigger the memory management flaw. The resulting unfreed allocations can be verified with a tool such as AddressSanitizer.
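An added example (not part of the original advisory or of GNU Barcode): a small triage script that parses LeakSanitizer output from an AddressSanitizer build and checks whether the leaked allocations pass through cmdline.c. The sample report is constructed; its frame names, addresses, paths and line numbers are placeholders, and only the 567-byte, two-allocation total comes from this page.

```python
import re

# Constructed LeakSanitizer output. Frame names, addresses, paths and line numbers
# are placeholders; only the 567-byte / 2-allocation total is from the advisory.
SAMPLE_REPORT = """\
==4242==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 512 byte(s) in 1 object(s) allocated from:
    #0 0x7f0000000001 in malloc (/usr/lib/libasan.so+0x1)
    #1 0x000000000002 in placeholder_cmdline_fn /src/barcode-0.99/cmdline.c:100
    #2 0x000000000003 in main /src/barcode-0.99/main.c:200

Direct leak of 55 byte(s) in 1 object(s) allocated from:
    #0 0x7f0000000001 in strdup (/usr/lib/libasan.so+0x2)
    #1 0x000000000002 in placeholder_cmdline_fn /src/barcode-0.99/cmdline.c:120
    #2 0x000000000003 in main /src/barcode-0.99/main.c:200

SUMMARY: AddressSanitizer: 567 byte(s) leaked in 2 allocation(s).
"""

LEAK_RE = re.compile(r"^(Direct|Indirect) leak of (\d+) byte\(s\) in (\d+) object\(s\)")
FRAME_RE = re.compile(r"^\s+#\d+\s+0x[0-9a-f]+\s+in\s+(\S+)\s+(\S+)")
SUMMARY_RE = re.compile(r"^SUMMARY: AddressSanitizer: (\d+) byte\(s\) leaked in (\d+) allocation\(s\)")

def parse_leaks(report):
    """Return (leaks, summary): one record per leak block plus the SUMMARY totals."""
    leaks, summary, current = [], None, None
    for line in report.splitlines():
        if m := LEAK_RE.match(line):
            current = {"kind": m[1], "bytes": int(m[2]), "objects": int(m[3]), "frames": []}
            leaks.append(current)
        elif (m := FRAME_RE.match(line)) and current is not None:
            current["frames"].append((m[1], m[2]))  # (function, location)
        elif m := SUMMARY_RE.match(line):
            summary, current = (int(m[1]), int(m[2])), None
    return leaks, summary

def leaks_through(leaks, source_file):
    """Total (bytes, objects) of leaks whose allocation stack has a frame in source_file."""
    hits = [leak for leak in leaks if any(
        loc.split(":")[0].rsplit("/", 1)[-1] == source_file for _, loc in leak["frames"])]
    return sum(h["bytes"] for h in hits), sum(h["objects"] for h in hits)

def matches_advisory(report, source_file="cmdline.c"):
    """True when block totals agree with SUMMARY and some leak passes through source_file."""
    leaks, summary = parse_leaks(report)
    total = (sum(x["bytes"] for x in leaks), sum(x["objects"] for x in leaks))
    return summary == total and leaks_through(leaks, source_file)[0] > 0
```

Run it over the stderr captured from an ASan-instrumented build; after a fix is applied, `matches_advisory` should return False for the same input.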

Added: Dec 24, 2025, 8:38 PM
Updated: Dec 24, 2025, 8:38 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 6.0
remediation: 0.0
relevance: 1.7
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.