| عنوان | Assimp commit 17c12da NULL Pointer Dereference |
|---|
| الوصف | A NULL pointer dereference vulnerability exists in Assimp's glTFImporter component, specifically in the `Assimp::glTFImporter::ImportMeshes()` function at `glTFImporter.cpp:287`.
The root cause is that the program calls `ExtractData()` to load texture coordinate data from a glTF accessor, but fails to verify whether the function succeeds. When processing a malicious or malformed glTF file with an invalid bufferView, missing data, or corrupted texture coordinate structure, `ExtractData()` returns a failure status and leaves the output data pointer as NULL.
The code then directly dereferences this NULL pointer to access texture coordinate values, which triggers an immediate segmentation fault (SEGV) and crashes the application. This vulnerability can be exploited to cause a denial-of-service (DoS) condition. |
|---|
| المصدر | ⚠️ https://github.com/assimp/assimp/issues/6609 |
|---|
| المستخدم | TYGLS (UID 94774) |
|---|
| ارسال | 07/05/2026 04:32 AM (1 شهر منذ) |
|---|
| الاعتدال | 31/05/2026 08:13 AM (24 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 367478 [Assimp حتى 6.0.4 glTFImporter glTFImporter.cpp ImportMeshes الحرمان من الخدمة] |
|---|
| النقاط | 20 |
|---|