brplot Null Pointer Dereference Vulnerability

Vulnerability

A null pointer dereference vulnerability has been identified in brplot version 420.69.1, specifically within the br_dagens_handle_once function of the data processing module. This vulnerability can lead to unpredictable program behavior, causing segmentation faults and program crashes. The issue arises when the function br_data_get1 returns a null value, which is then improperly dereferenced, leading to a crash.

Impact

Exploitation of this vulnerability causes segmentation faults and program crashes.

Reproduction

To reproduce this vulnerability, use brplot version 420.69.1 and invoke the br_dagens_handle_once function with a br_datas_t object that contains a group_id not present in the data. The function will attempt to retrieve data using br_data_get1. When a null value is returned, the function will dereference the null pointer, leading to a crash.
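The pattern described above, shown beside one way to guard it. This is an added example, not brplot's code: the demo_* types and functions are simplified stand-ins constructed here, and the only behaviour taken from the advisory is that the lookup returns NULL when the group_id is not present.

```c
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

/* Simplified stand-in types constructed for this example; not brplot's definitions. */
typedef struct { int group_id; size_t len; } demo_data_t;
typedef struct { demo_data_t *arr; size_t len; } demo_datas_t;

/* Lookup modelled on the behaviour described for br_data_get1:
 * returns NULL when no entry carries the requested group_id. */
demo_data_t *demo_data_get1(demo_datas_t datas, int group_id) {
    for (size_t i = 0; i < datas.len; ++i)
        if (datas.arr[i].group_id == group_id) return &datas.arr[i];
    return NULL;
}

/* Vulnerable pattern: the lookup result is used without a check,
 * so an absent group_id ends in a NULL dereference (segmentation fault). */
size_t demo_handle_once_unchecked(demo_datas_t datas, int group_id) {
    demo_data_t *d = demo_data_get1(datas, group_id);
    return d->len;
}

/* Guarded pattern: a missing group is reported to the caller instead. */
bool demo_handle_once_checked(demo_datas_t datas, int group_id, size_t *out_len) {
    demo_data_t *d = demo_data_get1(datas, group_id);
    if (d == NULL) return false;   /* group_id not present in the data */
    *out_len = d->len;
    return true;
}

int main(void) {
    demo_data_t items[] = { {1, 10}, {2, 20} };   /* constructed sample data */
    demo_datas_t datas = { items, 2 };
    size_t len = 0;
    /* group_id 99 is absent: the guarded handler skips it rather than crashing. */
    if (!demo_handle_once_checked(datas, 99, &len))
        puts("group 99 not found, skipped");
    if (demo_handle_once_checked(datas, 2, &len))
        printf("group 2 has %zu points\n", len);
    return 0;
}
```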

Remediation

Users can update to the latest version of brplot, where this vulnerability has been fixed.

Added: Jun 20, 2025, 6:44 PM
Updated: Jun 20, 2025, 6:44 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 8.4
remediation: 0.0
relevance: 0.2
threat: 4.8
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.