Common Weakness Enumeration

CWE-617

Allowed

Reachable Assertion

Abstraction: Base · Status: Draft

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

989 vulnerabilities reference this CWE, most recent first.

GHSA-9WP6-568F-352R

Vulnerability from github – Published: 2026-06-25 15:32 – Updated: 2026-06-25 21:31
VLAI
Details

In EmberZNet v9.0.2 and earlier, malformed Color Control messages can lead to asserts that terminate the process. These messages must come from a device that has already joined the network. Only devices supporting the Color Control cluster may be impacted.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-47146"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-25T14:16:40Z",
    "severity": "HIGH"
  },
  "details": "In EmberZNet v9.0.2 and earlier, malformed Color Control messages can lead to asserts that terminate the process. These messages must come from a device that has already joined the network. Only devices supporting the Color Control cluster may be impacted.",
  "id": "GHSA-9wp6-568f-352r",
  "modified": "2026-06-25T21:31:27Z",
  "published": "2026-06-25T15:32:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47146"
    },
    {
      "type": "WEB",
      "url": "https://github.com/SiliconLabsSoftware/sisdk-release"
    },
    {
      "type": "WEB",
      "url": "https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/069Vm00000pEGPQIA4?operationContext=S1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-9XM7-QXG2-G5P4

Vulnerability from github – Published: 2022-05-24 17:35 – Updated: 2025-06-09 18:32
VLAI
Details

The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-29562"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-12-04T07:15:00Z",
    "severity": "HIGH"
  },
  "details": "The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
  "id": "GHSA-9xm7-qxg2-g5p4",
  "modified": "2025-06-09T18:32:01Z",
  "published": "2022-05-24T17:35:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-29562"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202101-20"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20210122-0004"
    },
    {
      "type": "WEB",
      "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26923"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9XRG-R2HF-Q6RM

Vulnerability from github – Published: 2025-09-16 18:31 – Updated: 2025-12-02 00:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

media: vimc: Fix wrong function called when vimc_init() fails

In vimc_init(), when platform_driver_register(&vimc_pdrv) fails, platform_driver_unregister(&vimc_pdrv) is wrongly called rather than platform_device_unregister(&vimc_pdev), which causes kernel warning:

Unexpected driver unregister! WARNING: CPU: 1 PID: 14517 at drivers/base/driver.c:270 driver_unregister+0x8f/0xb0 RIP: 0010:driver_unregister+0x8f/0xb0 Call Trace: vimc_init+0x7d/0x1000 [vimc] do_one_initcall+0xd0/0x4e0 do_init_module+0x1cf/0x6b0 load_module+0x65c2/0x7820

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-50340"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-16T17:15:33Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vimc: Fix wrong function called when vimc_init() fails\n\nIn vimc_init(), when platform_driver_register(\u0026vimc_pdrv) fails,\nplatform_driver_unregister(\u0026vimc_pdrv) is wrongly called rather than\nplatform_device_unregister(\u0026vimc_pdev), which causes kernel warning:\n\n Unexpected driver unregister!\n WARNING: CPU: 1 PID: 14517 at drivers/base/driver.c:270 driver_unregister+0x8f/0xb0\n RIP: 0010:driver_unregister+0x8f/0xb0\n Call Trace:\n  \u003cTASK\u003e\n  vimc_init+0x7d/0x1000 [vimc]\n  do_one_initcall+0xd0/0x4e0\n  do_init_module+0x1cf/0x6b0\n  load_module+0x65c2/0x7820",
  "id": "GHSA-9xrg-r2hf-q6rm",
  "modified": "2025-12-02T00:31:10Z",
  "published": "2025-09-16T18:31:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50340"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/14d85b600bb1f6f8ef61fa8fc1907e2e623d8350"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/681ac2902039d9b497b3ae18fdc204314979e61e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9c9ff35d68691aaea85b2e93763772e23930b3a3"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f38df8984ef1b45ba23888d0e232cc21a95bd04b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f74d3f326d1d5b8951ce263c59a121ecfa65e7c0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C22Q-JVVR-5R3W

Vulnerability from github – Published: 2022-05-13 01:44 – Updated: 2022-05-13 01:44
VLAI
Details

In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-17722"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-02-12T22:29:00Z",
    "severity": "MODERATE"
  },
  "details": "In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file.",
  "id": "GHSA-c22q-jvvr-5r3w",
  "modified": "2022-05-13T01:44:27Z",
  "published": "2022-05-13T01:44:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17722"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1524116"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C3M9-37FF-FF9R

Vulnerability from github – Published: 2022-05-24 19:05 – Updated: 2022-05-24 19:05
VLAI
Details

There is an Assertion 'context.status_flags & PARSER_SCANNING_SUCCESSFUL' failed at js-parser.c:2185 in parser_parse_source in JerryScript 2.2.0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-23312"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-06-10T23:15:00Z",
    "severity": "HIGH"
  },
  "details": "There is an Assertion \u0027context.status_flags \u0026 PARSER_SCANNING_SUCCESSFUL\u0027 failed at js-parser.c:2185 in parser_parse_source in JerryScript 2.2.0.",
  "id": "GHSA-c3m9-37ff-ff9r",
  "modified": "2022-05-24T19:05:14Z",
  "published": "2022-05-24T19:05:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-23312"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jerryscript-project/jerryscript/issues/3824"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-C48W-4644-5538

Vulnerability from github – Published: 2022-02-12 00:00 – Updated: 2022-04-03 00:01
VLAI
Details

tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-45387"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-02-11T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c.",
  "id": "GHSA-c48w-4644-5538",
  "modified": "2022-04-03T00:01:16Z",
  "published": "2022-02-12T00:00:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45387"
    },
    {
      "type": "WEB",
      "url": "https://github.com/appneta/tcpreplay/issues/687"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202210-08"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C56R-J7RJ-7GGX

Vulnerability from github – Published: 2022-01-21 00:00 – Updated: 2022-01-27 00:02
VLAI
Details

There is an Assertion 'ecma_is_lexical_environment (object_p)' failed at /base/ecma-helpers.c(ecma_get_lex_env_type) in JerryScript 3.0.0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-46338"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-20T22:15:00Z",
    "severity": "MODERATE"
  },
  "details": "There is an Assertion \u0027ecma_is_lexical_environment (object_p)\u0027 failed at /base/ecma-helpers.c(ecma_get_lex_env_type) in JerryScript 3.0.0.",
  "id": "GHSA-c56r-j7rj-7ggx",
  "modified": "2022-01-27T00:02:33Z",
  "published": "2022-01-21T00:00:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46338"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jerryscript-project/jerryscript/issues/4900"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-C74J-26PG-R222

Vulnerability from github – Published: 2026-05-28 12:30 – Updated: 2026-06-30 03:36
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss()

Sashiko points out that the user can specify WQs sharing the same CQ as a part of the uAPI and this will trigger the WARN_ON() then go on to corrupt the kernel.

Just reject it outright and fail the QP creation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-46117"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1288",
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-28T10:16:27Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss()\n\nSashiko points out that the user can specify WQs sharing the same CQ as a\npart of the uAPI and this will trigger the WARN_ON() then go on to corrupt\nthe kernel.\n\nJust reject it outright and fail the QP creation.",
  "id": "GHSA-c74j-26pg-r222",
  "modified": "2026-06-30T03:36:53Z",
  "published": "2026-05-28T12:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46117"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:27789"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:30129"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2026-46117"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482576"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/159f2efabc89d3f931d38f2d35876535d4abf0a3"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9cc0c6b1ba8cd5c55aef043e1384de0a8b4efa71"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9ef65af26b2a6738bf15812042e84b3112402d3a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/db991ba50087ad99fa12a2c483aa3be19671ea73"
    },
    {
      "type": "WEB",
      "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46117.json"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C86G-2X4G-V7WF

Vulnerability from github – Published: 2022-05-13 01:13 – Updated: 2022-05-13 01:13
VLAI
Details

QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It could occur while reading Interrupt Mask Registers (IMR). A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance resulting in DoS.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2015-8745"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-12-29T22:59:00Z",
    "severity": "MODERATE"
  },
  "details": "QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It could occur while reading Interrupt Mask Registers (IMR). A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance resulting in DoS.",
  "id": "GHSA-c86g-2x4g-v7wf",
  "modified": "2022-05-13T01:13:40Z",
  "published": "2022-05-13T01:13:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8745"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1270876"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201602-01"
    },
    {
      "type": "WEB",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=c6048f849c7e3f009786df76206e895"
    },
    {
      "type": "WEB",
      "url": "http://git.qemu.org/?p=qemu.git;a=commit;h=c6048f849c7e3f009786df76206e895"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2016/dsa-3471"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2016/01/04/4"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2016/01/04/7"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/79822"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1034575"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C874-8H7R-5764

Vulnerability from github – Published: 2025-01-22 15:32 – Updated: 2025-02-07 03:32
VLAI
Details

Open5GS MME versions <= 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a UE Context Modification Response message missing a required MME_UE_S1AP_ID field to repeatedly crash the MME, resulting in denial of service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-37016"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-22T15:15:11Z",
    "severity": "HIGH"
  },
  "details": "Open5GS MME versions \u003c= 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a `UE Context Modification Response` message missing a required `MME_UE_S1AP_ID` field to repeatedly crash the MME, resulting in denial of service.",
  "id": "GHSA-c874-8h7r-5764",
  "modified": "2025-02-07T03:32:01Z",
  "published": "2025-01-22T15:32:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37016"
    },
    {
      "type": "WEB",
      "url": "https://cellularsecurity.org/ransacked"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Implementation

Make sensitive open/close operation non reachable by directly user-controlled data (e.g. open/close resources)

Mitigation
Implementation

Strategy: Input Validation

Perform input validation on user data.

No CAPEC attack patterns related to this CWE.