Common Weakness Enumeration

CWE-617

Allowed

Reachable Assertion

Abstraction: Base · Status: Draft

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

989 vulnerabilities reference this CWE, most recent first.

GHSA-5QM6-J92F-79JP

Vulnerability from github – Published: 2023-11-02 18:30 – Updated: 2025-11-04 00:30
VLAI
Details

A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-38473"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-02T16:15:08Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function.",
  "id": "GHSA-5qm6-j92f-79jp",
  "modified": "2025-11-04T00:30:41Z",
  "published": "2023-11-02T18:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38473"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2023-38473"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2191694"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00011.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5R25-9PPQ-M6J9

Vulnerability from github – Published: 2022-01-28 00:01 – Updated: 2022-02-03 00:00
VLAI
Details

There is an Assertion `i < parts_cnt' failed at src/mjs_bcode.c in Cesanta MJS v2.20.0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-46508"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-27T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "There is an Assertion `i \u003c parts_cnt\u0027 failed at src/mjs_bcode.c in Cesanta MJS v2.20.0.",
  "id": "GHSA-5r25-9ppq-m6j9",
  "modified": "2022-02-03T00:00:32Z",
  "published": "2022-01-28T00:01:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46508"
    },
    {
      "type": "WEB",
      "url": "https://github.com/cesanta/mjs/issues/188"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-5RX7-3W8F-H49W

Vulnerability from github – Published: 2022-05-13 01:49 – Updated: 2022-05-13 01:49
VLAI
Details

The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-14045"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-07-13T15:29:00Z",
    "severity": "HIGH"
  },
  "details": "The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch.",
  "id": "GHSA-5rx7-3w8f-h49w",
  "modified": "2022-05-13T01:49:53Z",
  "published": "2022-05-13T01:49:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14045"
    },
    {
      "type": "WEB",
      "url": "https://github.com/TeamSeri0us/pocs/blob/master/soundtouch/readme.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5V57-X2WG-79RM

Vulnerability from github – Published: 2023-12-05 03:30 – Updated: 2023-12-05 03:30
VLAI
Details

Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-33041"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-12-05T03:15:11Z",
    "severity": "HIGH"
  },
  "details": "Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids.",
  "id": "GHSA-5v57-x2wg-79rm",
  "modified": "2023-12-05T03:30:22Z",
  "published": "2023-12-05T03:30:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33041"
    },
    {
      "type": "WEB",
      "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5V8M-2MHG-5WV4

Vulnerability from github – Published: 2025-01-22 00:33 – Updated: 2025-01-23 18:31
VLAI
Details

A reachable assertion in the decode_access_point_name_ie function of Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-24424"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400",
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-21T23:15:12Z",
    "severity": "HIGH"
  },
  "details": "A reachable assertion in the decode_access_point_name_ie function of Magma \u003c= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.",
  "id": "GHSA-5v8m-2mhg-5wv4",
  "modified": "2025-01-23T18:31:18Z",
  "published": "2025-01-22T00:33:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24424"
    },
    {
      "type": "WEB",
      "url": "https://cellularsecurity.org/ransacked"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5VH3-FX9F-223V

Vulnerability from github – Published: 2026-05-28 12:30 – Updated: 2026-06-10 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence emission

sdma_v4_0_ring_emit_fence() contains two BUG_ON(addr & 0x3) assertions that verify fence writeback addresses are dword-aligned. These assertions can be reached from unprivileged userspace via crafted DRM_IOCTL_AMDGPU_CS submissions, causing a fatal kernel panic in a scheduler worker thread.

Replace both BUG_ON() calls with WARN_ON() to log the condition without crashing the kernel. A misaligned fence address at this point indicates a driver bug, but crashing the kernel is never the correct response when the assertion is reachable from userspace.

The CS IOCTL path is the correct place to filter invalid submissions; the ring emission callback is too late to do anything about it.

(cherry picked from commit b90250bd933afd1ba94d86d6b13821997b22b18e)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-46220"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-28T10:16:37Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence emission\n\nsdma_v4_0_ring_emit_fence() contains two BUG_ON(addr \u0026 0x3) assertions\nthat verify fence writeback addresses are dword-aligned.  These\nassertions can be reached from unprivileged userspace via crafted\nDRM_IOCTL_AMDGPU_CS submissions, causing a fatal kernel panic in a\nscheduler worker thread.\n\nReplace both BUG_ON() calls with WARN_ON() to log the condition without\ncrashing the kernel.  A misaligned fence address at this point indicates\na driver bug, but crashing the kernel is never the correct response when\nthe assertion is reachable from userspace.\n\nThe CS IOCTL path is the correct place to filter invalid submissions;\nthe ring emission callback is too late to do anything about it.\n\n(cherry picked from commit b90250bd933afd1ba94d86d6b13821997b22b18e)",
  "id": "GHSA-5vh3-fx9f-223v",
  "modified": "2026-06-10T21:31:25Z",
  "published": "2026-05-28T12:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46220"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0b91ea46bb68abf98a082bf239092253bbd6aaa2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/25e7d56a39657d56d1ea6d78992f7ed15dedb412"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4f7ca00fa91daf0795ec6b3b130c5ebba1f155fe"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/78d2e624fa073c14970aa097adcf3ea31c157a66"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a4fd82fb0757c180bf622907397c528b89a827b2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d331fb241a4602253976ddd65144a8ba2b05665d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d4c56932d29773e278be6a65a5384a36c95b89a4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ecaa80318e900ca0c3f687742ede33b41cfd2f8e"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5W4C-X7FV-V2G8

Vulnerability from github – Published: 2023-08-22 21:30 – Updated: 2024-04-04 07:07
VLAI
Details

An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause a denial of service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-35205"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-08-22T19:16:23Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause a denial of service.",
  "id": "GHSA-5w4c-x7fv-v2g8",
  "modified": "2024-04-04T07:07:03Z",
  "published": "2023-08-22T21:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35205"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20231006-0010"
    },
    {
      "type": "WEB",
      "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29289"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5X2C-7CWV-6FV6

Vulnerability from github – Published: 2022-05-13 01:16 – Updated: 2022-05-13 01:16
VLAI
Details

JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_abstorelstepsize in libjasper/jpc/jpc_enc.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-9252"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-04-04T02:29:00Z",
    "severity": "MODERATE"
  },
  "details": "JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_abstorelstepsize in libjasper/jpc/jpc_enc.c.",
  "id": "GHSA-5x2c-7cwv-6fv6",
  "modified": "2022-05-13T01:16:06Z",
  "published": "2022-05-13T01:16:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9252"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mdadams/jasper/issues/173"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00085.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5X2P-VJM5-P7GJ

Vulnerability from github – Published: 2022-12-13 18:30 – Updated: 2022-12-15 18:30
VLAI
Details

Denial of service due to reachable assertion in modem while processing filter rule from application client in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-25675"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-12-13T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Denial of service due to reachable assertion in modem while processing filter rule from application client in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile",
  "id": "GHSA-5x2p-vjm5-p7gj",
  "modified": "2022-12-15T18:30:23Z",
  "published": "2022-12-13T18:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25675"
    },
    {
      "type": "WEB",
      "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5XMQ-MWGG-PJP2

Vulnerability from github – Published: 2025-01-22 18:31 – Updated: 2025-02-03 15:32
VLAI
Details

A reachable assertion in the nas_eps_send_emm_to_esm function of Open5GS <= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NGAP packet.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-24429"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-22T16:15:28Z",
    "severity": "HIGH"
  },
  "details": "A reachable assertion in the nas_eps_send_emm_to_esm function of Open5GS \u003c= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NGAP packet.",
  "id": "GHSA-5xmq-mwgg-pjp2",
  "modified": "2025-02-03T15:32:02Z",
  "published": "2025-01-22T18:31:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24429"
    },
    {
      "type": "WEB",
      "url": "https://cellularsecurity.org/ransacked"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Implementation

Make sensitive open/close operation non reachable by directly user-controlled data (e.g. open/close resources)

Mitigation
Implementation

Strategy: Input Validation

Perform input validation on user data.

No CAPEC attack patterns related to this CWE.