CWE-617
AllowedReachable Assertion
Abstraction: Base · Status: Draft
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
989 vulnerabilities reference this CWE, most recent first.
GHSA-88GH-WQJ4-3FXR
Vulnerability from github – Published: 2022-05-24 19:03 – Updated: 2022-10-26 12:00An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service (abort) via a crafted file.
{
"affected": [],
"aliases": [
"CVE-2021-30501"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-05-27T00:15:00Z",
"severity": "MODERATE"
},
"details": "An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service (abort) via a crafted file.",
"id": "GHSA-88gh-wqj4-3fxr",
"modified": "2022-10-26T12:00:40Z",
"published": "2022-05-24T19:03:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30501"
},
{
"type": "WEB",
"url": "https://github.com/upx/upx/issues/486"
},
{
"type": "WEB",
"url": "https://github.com/upx/upx/pull/487"
},
{
"type": "WEB",
"url": "https://github.com/upx/upx/commit/28e761cd42211dfe0124b7a29b2f74730f453e46"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948696"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-88JR-VQF8-XRXX
Vulnerability from github – Published: 2025-01-06 06:30 – Updated: 2025-01-06 15:30In wlan STA driver, there is a possible reachable assertion due to improper exception handling. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00389047 / ALPS09136505; Issue ID: MSV-1798.
{
"affected": [],
"aliases": [
"CVE-2024-20152"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-06T04:15:07Z",
"severity": "MODERATE"
},
"details": "In wlan STA driver, there is a possible reachable assertion due to improper exception handling. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00389047 / ALPS09136505; Issue ID: MSV-1798.",
"id": "GHSA-88jr-vqf8-xrxx",
"modified": "2025-01-06T15:30:59Z",
"published": "2025-01-06T06:30:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20152"
},
{
"type": "WEB",
"url": "https://corp.mediatek.com/product-security-bulletin/January-2025"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-88PC-G4M6-PVHP
Vulnerability from github – Published: 2022-05-13 01:52 – Updated: 2022-05-13 01:52An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves a JavaScriptCore function in the "WebKit" component. It allows attackers to trigger an assertion failure by leveraging improper array indexing.
{
"affected": [],
"aliases": [
"CVE-2018-4113"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-04-03T06:29:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves a JavaScriptCore function in the \"WebKit\" component. It allows attackers to trigger an assertion failure by leveraging improper array indexing.",
"id": "GHSA-88pc-g4m6-pvhp",
"modified": "2022-05-13T01:52:36Z",
"published": "2022-05-13T01:52:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-4113"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201808-04"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT208693"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT208694"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT208695"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT208696"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT208697"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT208698"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3635-1"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1040604"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-88V5-46C4-6CXW
Vulnerability from github – Published: 2025-01-19 12:31 – Updated: 2025-09-26 21:30In the Linux kernel, the following vulnerability has been resolved:
ovl: support encoding fid from inode with no alias
Dmitry Safonov reported that a WARN_ON() assertion can be trigered by userspace when calling inotify_show_fdinfo() for an overlayfs watched inode, whose dentry aliases were discarded with drop_caches.
The WARN_ON() assertion in inotify_show_fdinfo() was removed, because it is possible for encoding file handle to fail for other reason, but the impact of failing to encode an overlayfs file handle goes beyond this assertion.
As shown in the LTP test case mentioned in the link below, failure to encode an overlayfs file handle from a non-aliased inode also leads to failure to report an fid with FAN_DELETE_SELF fanotify events.
As Dmitry notes in his analyzis of the problem, ovl_encode_fh() fails if it cannot find an alias for the inode, but this failure can be fixed. ovl_encode_fh() seldom uses the alias and in the case of non-decodable file handles, as is often the case with fanotify fid info, ovl_encode_fh() never needs to use the alias to encode a file handle.
Defer finding an alias until it is actually needed so ovl_encode_fh() will not fail in the common case of FAN_DELETE_SELF fanotify events.
{
"affected": [],
"aliases": [
"CVE-2025-21654"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-19T11:15:11Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: support encoding fid from inode with no alias\n\nDmitry Safonov reported that a WARN_ON() assertion can be trigered by\nuserspace when calling inotify_show_fdinfo() for an overlayfs watched\ninode, whose dentry aliases were discarded with drop_caches.\n\nThe WARN_ON() assertion in inotify_show_fdinfo() was removed, because\nit is possible for encoding file handle to fail for other reason, but\nthe impact of failing to encode an overlayfs file handle goes beyond\nthis assertion.\n\nAs shown in the LTP test case mentioned in the link below, failure to\nencode an overlayfs file handle from a non-aliased inode also leads to\nfailure to report an fid with FAN_DELETE_SELF fanotify events.\n\nAs Dmitry notes in his analyzis of the problem, ovl_encode_fh() fails\nif it cannot find an alias for the inode, but this failure can be fixed.\novl_encode_fh() seldom uses the alias and in the case of non-decodable\nfile handles, as is often the case with fanotify fid info,\novl_encode_fh() never needs to use the alias to encode a file handle.\n\nDefer finding an alias until it is actually needed so ovl_encode_fh()\nwill not fail in the common case of FAN_DELETE_SELF fanotify events.",
"id": "GHSA-88v5-46c4-6cxw",
"modified": "2025-09-26T21:30:27Z",
"published": "2025-01-19T12:31:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21654"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3c7c90274ae339e1ad443c9be1c67a20b80b9c76"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/950b604384fd75d62e860bec7135b2b62eb4d508"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a1a541fbfa7e97c1100144db34b57553d7164ce5"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c45beebfde34aa71afbc48b2c54cdda623515037"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f0c0ac84de17c37e6e84da65fb920f91dada55ad"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-89RJ-5GGJ-3P9P
Vulnerability from github – Published: 2021-10-12 22:03 – Updated: 2021-11-18 15:29In OpenCV 3.3.1 (corresponds with OpenCV-Python 3.3.1.11), an assertion failure happens in cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp because of an incorrect integer cast.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.3.1.11"
},
"package": {
"ecosystem": "PyPI",
"name": "opencv-python"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.4.1.15"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.3.1.11"
},
"package": {
"ecosystem": "PyPI",
"name": "opencv-contrib-python"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.4.1.15"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2018-5269"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": true,
"github_reviewed_at": "2021-10-07T19:49:56Z",
"nvd_published_at": "2018-01-08T05:29:00Z",
"severity": "MODERATE"
},
"details": "In OpenCV 3.3.1 (corresponds with OpenCV-Python 3.3.1.11), an assertion failure happens in cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp because of an incorrect integer cast.",
"id": "GHSA-89rj-5ggj-3p9p",
"modified": "2021-11-18T15:29:39Z",
"published": "2021-10-12T22:03:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5269"
},
{
"type": "WEB",
"url": "https://github.com/opencv/opencv/issues/10540"
},
{
"type": "WEB",
"url": "https://github.com/opencv/opencv/pull/10563"
},
{
"type": "PACKAGE",
"url": "https://github.com/opencv/opencv-python"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00019.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/106945"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Reachable Assertion in OpenCV."
}
GHSA-8C82-XJ9X-MXGJ
Vulnerability from github – Published: 2024-01-23 09:30 – Updated: 2025-11-04 21:31In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation.
{
"affected": [],
"aliases": [
"CVE-2024-23850"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-01-23T09:15:36Z",
"severity": "MODERATE"
},
"details": "In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation.",
"id": "GHSA-8c82-xj9x-mxgj",
"modified": "2025-11-04T21:31:04Z",
"published": "2024-01-23T09:30:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23850"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZOU3745CWCDZ7EMKMXB2OEEIB5Q3IWM"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZOU3745CWCDZ7EMKMXB2OEEIB5Q3IWM"
},
{
"type": "WEB",
"url": "https://lore.kernel.org/all/6a80cb4b32af89787dadee728310e5e2ca85343f.1705741883.git.wqu%40suse.com"
},
{
"type": "WEB",
"url": "https://lore.kernel.org/lkml/CALGdzuo6awWdau3X=8XK547x2vX_-VoFmH1aPsqosRTQ5WzJVA%40mail.gmail.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8CWF-CG6R-CRCF
Vulnerability from github – Published: 2022-05-13 01:44 – Updated: 2025-04-20 03:50RADOS Gateway in Ceph 12.1.0 through 12.2.1 allows remote authenticated users to cause a denial of service (assertion failure and application exit) by leveraging "full" (not necessarily admin) privileges to post an invalid profile to the admin API, related to rgw/rgw_iam_policy.cc, rgw/rgw_basic_types.h, and rgw/rgw_iam_types.h.
{
"affected": [],
"aliases": [
"CVE-2017-16818"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-12-20T17:29:00Z",
"severity": "MODERATE"
},
"details": "RADOS Gateway in Ceph 12.1.0 through 12.2.1 allows remote authenticated users to cause a denial of service (assertion failure and application exit) by leveraging \"full\" (not necessarily admin) privileges to post an invalid profile to the admin API, related to rgw/rgw_iam_policy.cc, rgw/rgw_basic_types.h, and rgw/rgw_iam_types.h.",
"id": "GHSA-8cwf-cg6r-crcf",
"modified": "2025-04-20T03:50:15Z",
"published": "2022-05-13T01:44:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16818"
},
{
"type": "WEB",
"url": "https://github.com/ceph/ceph/commit/b3118cabb8060a8cc6a01c4e8264cb18e7b1745a"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515872"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6VJA32U7HKGDRJQDJVM7JBYWD4T7BJL"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6VJA32U7HKGDRJQDJVM7JBYWD4T7BJL"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8F95-9VR9-HXF2
Vulnerability from github – Published: 2022-05-13 01:28 – Updated: 2025-04-20 03:42In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests.
{
"affected": [],
"aliases": [
"CVE-2017-11368"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-08-09T18:29:00Z",
"severity": "MODERATE"
},
"details": "In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests.",
"id": "GHSA-8f95-9vr9-hxf2",
"modified": "2025-04-20T03:42:52Z",
"published": "2022-05-13T01:28:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11368"
},
{
"type": "WEB",
"url": "https://github.com/krb5/krb5/commit/ffb35baac6981f9e8914f8f3bffd37f284b85970"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:0666"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4HNWXM6OQU7G23MG7XWIOBRGP43ECLDT"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBUTXMNZWMVJLQ4NDX5OQFPUVCJRLV3W"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HNWXM6OQU7G23MG7XWIOBRGP43ECLDT"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBUTXMNZWMVJLQ4NDX5OQFPUVCJRLV3W"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/100291"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8FQV-XW49-GH95
Vulnerability from github – Published: 2022-05-24 19:02 – Updated: 2022-06-29 00:00Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /ram/pckg/wireless/nova/bin/wireless process. An authenticated remote attacker can cause a Denial of Service due via a crafted packet.
{
"affected": [],
"aliases": [
"CVE-2020-20265"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-05-11T15:15:00Z",
"severity": "MODERATE"
},
"details": "Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /ram/pckg/wireless/nova/bin/wireless process. An authenticated remote attacker can cause a Denial of Service due via a crafted packet.",
"id": "GHSA-8fqv-xw49-gh95",
"modified": "2022-06-29T00:00:30Z",
"published": "2022-05-24T19:02:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-20265"
},
{
"type": "WEB",
"url": "https://seclists.org/fulldisclosure/2021/May/11"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2021/May/12"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8HPX-Q4CX-GFXW
Vulnerability from github – Published: 2025-01-29 00:31 – Updated: 2025-01-29 15:31An issue in Open5GS v.2.7.2 allows a remote attacker to cause a denial of service via the ogs_dbi_auth_info function in lib/dbi/subscription.c file.
{
"affected": [],
"aliases": [
"CVE-2024-57519"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-617",
"CWE-770"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-28T23:15:08Z",
"severity": "HIGH"
},
"details": "An issue in Open5GS v.2.7.2 allows a remote attacker to cause a denial of service via the ogs_dbi_auth_info function in lib/dbi/subscription.c file.",
"id": "GHSA-8hpx-q4cx-gfxw",
"modified": "2025-01-29T15:31:34Z",
"published": "2025-01-29T00:31:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57519"
},
{
"type": "WEB",
"url": "https://github.com/open5gs/open5gs/issues/3635"
},
{
"type": "WEB",
"url": "https://github.com/open5gs/open5gs/commit/08b9e7c55f72649ef25b5407e7e4d938f0f16531"
},
{
"type": "WEB",
"url": "https://github.com/f4rs1ght/vuln-research/tree/main/CVE-2024-57519"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
Make sensitive open/close operation non reachable by directly user-controlled data (e.g. open/close resources)
Mitigation
Strategy: Input Validation
Perform input validation on user data.
No CAPEC attack patterns related to this CWE.