Skip to main content

Suse EUVDEUVD-2026-23486

| CVE-2026-34232 HIGH
Improper Handling of Syntactically Invalid Structure (CWE-228)
2026-04-17 GitHub_M
7.5
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
SUSE
HIGH
qualitative

Primary rating from GitHub Advisory.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

7
Patch released
Apr 27, 2026 - 14:27 nvd
Patch available
Re-analysis Queued
Apr 17, 2026 - 20:22 vuln.today
cvss_changed
Patch available
Apr 17, 2026 - 20:16 EUVD
Analysis Generated
Apr 17, 2026 - 20:06 vuln.today
EUVD ID Assigned
Apr 17, 2026 - 19:45 euvd
EUVD-2026-23486
Analysis Generated
Apr 17, 2026 - 19:45 vuln.today
CVE Published
Apr 17, 2026 - 18:52 nvd
HIGH 7.5

DescriptionGitHub Advisory

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the xdr_status_vector() function does not handle the isc_arg_cstring type when decoding an op_response packet, causing a server crash when one is encountered in the status vector. An unauthenticated attacker can exploit this by sending a crafted op_response packet to the server. This issue has been fixed in versions 5.0.4, 4.0.7 and 3.0.14.

AnalysisAI

Remote denial-of-service in Firebird Database Server versions prior to 5.0.4, 4.0.7, and 3.0.14 allows unauthenticated network attackers to crash the server via crafted XDR-encoded op_response packets. The xdr_status_vector() function fails to handle isc_arg_cstring status vector types during packet decoding, triggering immediate server termination. With CVSS 7.5 (AV:N/AC:L/PR:N/UI:N) and CWE-228 (Improper Handling of Syntactically Invalid Structure), this represents a high-severity availability risk for internet-exposed Firebird instances. No active exploitation confirmed, but exploit development is trivial given the low attack complexity.

Technical ContextAI

Firebird is a mature open-source SQL relational database supporting ANSI SQL features, embedded and client-server architectures, and multi-version concurrency control. This vulnerability affects the network protocol layer's XDR (External Data Representation) decoder, specifically the xdr_status_vector() function responsible for unmarshaling status information from op_response packets sent by remote clients or during protocol negotiation. CWE-228 (Improper Handling of Syntactically Invalid Structure) indicates the parser lacks validation for the isc_arg_cstring argument type within status vectors-a fundamental protocol parsing flaw. When the decoder encounters this unexpected type during op_response processing, it triggers undefined behavior leading to server process crash. The vulnerability exists across all three maintained major version branches (3.x, 4.x, 5.x), suggesting the flawed parsing logic was inherited through the codebase evolution. The network-accessible attack surface (default TCP port 3050) and complete lack of authentication requirements make this exploitable against any exposed Firebird instance running vulnerable versions.

RemediationAI

Upgrade to vendor-released patched versions: Firebird 5.0.4, 4.0.7, or 3.0.14 depending on your current major version branch. Release packages available at https://github.com/FirebirdSQL/firebird/releases/tag/v5.0.4, https://github.com/FirebirdSQL/firebird/releases/tag/v4.0.7, and https://github.com/FirebirdSQL/firebird/releases/tag/v3.0.14. For environments unable to immediately patch, implement network-layer access controls: restrict Firebird port 3050/TCP to trusted application server IPs only via firewall rules or security groups, eliminating unauthenticated internet exposure. This compensating control reduces attack surface to authenticated internal networks but does not eliminate risk from compromised application servers or malicious insiders. If using embedded Firebird deployments (no network listener), this vulnerability is not exploitable. Test patched versions in staging environments before production deployment, particularly for applications with custom UDF libraries or legacy InterBase compatibility requirements. No configuration changes required post-upgrade-the fix corrects protocol parsing logic transparently.

Vendor StatusVendor

SUSE

Severity: High
Product Status
SUSE Linux Enterprise Module for Package Hub 15 SP7 Fixed
openSUSE Leap 15.6 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP5 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP6 Fixed
openSUSE Leap 15.3 Fixed

Share

EUVD-2026-23486 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy