FascinatedBox Lily NULL Pointer Dereference Vulnerability in the Lily Emitter
Vulnerability
A null pointer dereference has been identified in FascinatedBox Lily versions through 2.3. The defect lies in the 'eval_tree' function in 'src/lily_emitter.c', which mishandles hash structures while emitting code for a hash literal; the resulting read through a null pointer crashes the interpreter with a segmentation fault. Exploitation requires the ability to run a script locally with the interpreter. The issue has been publicly disclosed together with a proof-of-concept script.
Impact
Triggering the bug causes the interpreter to read through a null pointer and terminate with a segmentation fault, so any process evaluating the malformed script crashes.
Reproduction
The crash can be reproduced by building the Lily interpreter with release optimizations and AddressSanitizer (ASan) enabled, then running the resulting binary on a script that contains the malformed hash literal. Evaluating that literal reaches the faulty path in 'eval_tree', and ASan reports a SEGV on the null pointer read rather than letting the process die silently.