Skip to main content

Suse CVE-2026-28212

| EUVDEUVD-2026-23462 HIGH
NULL Pointer Dereference (CWE-476)
2026-04-17 GitHub_M
7.5
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
SUSE
HIGH
qualitative

Primary rating from GitHub Advisory.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

7
Patch released
Apr 24, 2026 - 19:54 nvd
Patch available
Re-analysis Queued
Apr 17, 2026 - 19:22 vuln.today
cvss_changed
Patch available
Apr 17, 2026 - 19:16 EUVD
Analysis Generated
Apr 17, 2026 - 19:01 vuln.today
EUVD ID Assigned
Apr 17, 2026 - 18:45 euvd
EUVD-2026-23462
Analysis Generated
Apr 17, 2026 - 18:45 vuln.today
CVE Published
Apr 17, 2026 - 18:05 nvd
HIGH 7.5

DescriptionGitHub Advisory

Firebird is an open-source relational database management system. In versions prior to 6.0.0, 5.0.4, 4.0.7 and 3.0.14, when processing an op_slice network packet, the server passes an unprepared structure containing a null pointer to the SDL_info() function, resulting in a null pointer dereference and server crash. An unauthenticated attacker can trigger this by sending a crafted packet to the server port. This issue has been fixed in versions 6.0.0, 5.0.4, 4.0.7 and 3.0.14.

AnalysisAI

Remote unauthenticated denial of service in Firebird SQL database server versions prior to 6.0.0/5.0.4/4.0.7/3.0.14 allows attackers to crash the database by sending a malformed op_slice network packet that triggers a null pointer dereference in the SDL_info() function. Attack requires only network access to the database port with no authentication (CVSS AV:N/AC:L/PR:N). No public exploit code identified at time of analysis, and EPSS data not available for this recent CVE. Fixed versions released by vendor across all maintained branches.

Technical ContextAI

Firebird is an open-source SQL relational database management system descended from Borland InterBase, commonly deployed on default port 3050/TCP. The vulnerability resides in the server's network packet processing logic, specifically when handling op_slice packets used for array slice operations in the wire protocol. The SDL_info() function expects a properly initialized structure containing metadata about array descriptors, but the packet handler passes an unprepared structure with a null pointer, triggering CWE-476 (NULL Pointer Dereference). This is a classic memory safety issue where input validation fails to ensure required structure initialization before use. The affected CPE spans all Firebird versions across the 3.x, 4.x, and 5.x branches prior to the March 2025 coordinated patch releases, indicating the flaw existed in the codebase for multiple major version lineages.

RemediationAI

Upgrade to patched Firebird versions immediately: 3.0.14 (https://github.com/FirebirdSQL/firebird/releases/tag/v3.0.14), 4.0.7 (https://github.com/FirebirdSQL/firebird/releases/tag/v4.0.7), 5.0.4 (https://github.com/FirebirdSQL/firebird/releases/tag/v5.0.4), or 6.0.0 or later. All releases are available from the official GitHub repository. If immediate patching is not feasible, implement network-level access controls to restrict Firebird port (default 3050/TCP) access to trusted IP ranges only via firewall rules or VPN. This significantly raises attacker cost but does not eliminate risk from internal or authenticated network positions. For embedded deployments not exposed to network attack surfaces, risk is substantially lower but patching remains recommended for defense-in-depth. Note that access restrictions may impact legitimate remote database clients and require application architecture review. No server-side configuration workaround exists to disable op_slice packet handling without breaking array functionality.

Vendor StatusVendor

SUSE

Severity: High
Product Status
SUSE Linux Enterprise Module for Package Hub 15 SP7 Fixed
openSUSE Leap 15.6 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP5 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP6 Fixed
openSUSE Leap 15.3 Fixed

Share

CVE-2026-28212 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy