Skip to main content

Suse EUVDEUVD-2026-23482

| CVE-2026-33337 HIGH
Classic Buffer Overflow (CWE-120)
2026-04-17 GitHub_M
7.5
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
SUSE
HIGH
qualitative

Primary rating from GitHub Advisory.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

7
Patch released
Apr 27, 2026 - 14:26 nvd
Patch available
Re-analysis Queued
Apr 20, 2026 - 19:07 vuln.today
cvss_changed
Patch available
Apr 17, 2026 - 20:16 EUVD
Analysis Generated
Apr 17, 2026 - 19:33 vuln.today
EUVD ID Assigned
Apr 17, 2026 - 19:15 euvd
EUVD-2026-23482
Analysis Generated
Apr 17, 2026 - 19:15 vuln.today
CVE Published
Apr 17, 2026 - 18:48 nvd
HIGH 7.5

DescriptionGitHub Advisory

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when deserializing a slice packet, the xdr_datum() function does not validate that a cstring length conforms to the slice descriptor bounds, allowing a cstring longer than the allocated buffer to overflow it. An unauthenticated attacker can exploit this by sending a crafted packet to the server, potentially causing a crash or other security impact. This issue has been fixed in versions 5.0.4, 4.0.7 and 3.0.14.

AnalysisAI

Buffer overflow in Firebird RDBMS allows remote unauthenticated attackers to crash database servers via malformed slice packets. Affects Firebird versions prior to 5.0.4, 4.0.7, and 3.0.14 across all three maintained major release branches. The xdr_datum() deserialization function fails to validate cstring lengths against slice descriptor bounds during packet processing, enabling heap buffer overflow. CVSS 7.5 (High) with network attack vector and no authentication required. EPSS data not available, no KEV listing identified, but public vendor advisory and tagged releases confirm the issue and provide specific fix versions.

Technical ContextAI

Firebird is an open-source SQL relational database supporting ANSI SQL features, commonly deployed in embedded systems and enterprise applications. This vulnerability resides in the XDR (External Data Representation) deserialization layer that handles slice packets - protocol messages used for array data transfer between client and server. The xdr_datum() function processes incoming cstring data types but lacks bounds validation against the slice descriptor's declared buffer size. CWE-120 (Buffer Copy without Checking Size of Input) confirms this is a classic heap overflow condition where attacker-controlled length values can cause memcpy or similar operations to write beyond allocated memory. The slice packet protocol operates at the database wire protocol level, processed before authentication in some code paths, enabling pre-authentication exploitation. Firebird's architecture uses a multi-threaded server model where such memory corruption can affect process stability and potentially adjacent memory structures.

RemediationAI

Upgrade immediately to Firebird 5.0.4 (for 5.x deployments), 4.0.7 (for 4.x deployments), or 3.0.14 (for 3.x LTS deployments). Tagged releases confirming fixes available at https://github.com/FirebirdSQL/firebird/releases/tag/v5.0.4, v4.0.7, and v3.0.14 respectively. Test application compatibility in staging before production deployment, particularly for major version upgrades from 3.x to 4.x or 5.x. If immediate patching is not feasible, implement network-level compensating controls: restrict Firebird port 3050/tcp access using firewall rules to trusted IP ranges only, deploy behind VPN or bastion hosts for remote access, and enable connection authentication at the network perimeter. Note that application-layer authentication does not mitigate this pre-auth vulnerability. For containerized deployments, update base images and redeploy. Monitor Firebird error logs for unusual connection terminations or segmentation faults that may indicate exploitation attempts. These mitigations reduce attack surface but do not eliminate the vulnerability - patching remains the only complete remediation.

Vendor StatusVendor

SUSE

Severity: High
Product Status
SUSE Linux Enterprise Module for Package Hub 15 SP7 Fixed
openSUSE Leap 15.6 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP5 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP6 Fixed
openSUSE Leap 15.3 Fixed

Share

EUVD-2026-23482 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy