CWE-617
AllowedReachable Assertion
Abstraction: Base · Status: Draft
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
989 vulnerabilities reference this CWE, most recent first.
GHSA-9WP6-568F-352R
Vulnerability from github – Published: 2026-06-25 15:32 – Updated: 2026-06-25 21:31In EmberZNet v9.0.2 and earlier, malformed Color Control messages can lead to asserts that terminate the process. These messages must come from a device that has already joined the network. Only devices supporting the Color Control cluster may be impacted.
{
"affected": [],
"aliases": [
"CVE-2026-47146"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-25T14:16:40Z",
"severity": "HIGH"
},
"details": "In EmberZNet v9.0.2 and earlier, malformed Color Control messages can lead to asserts that terminate the process. These messages must come from a device that has already joined the network. Only devices supporting the Color Control cluster may be impacted.",
"id": "GHSA-9wp6-568f-352r",
"modified": "2026-06-25T21:31:27Z",
"published": "2026-06-25T15:32:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47146"
},
{
"type": "WEB",
"url": "https://github.com/SiliconLabsSoftware/sisdk-release"
},
{
"type": "WEB",
"url": "https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/069Vm00000pEGPQIA4?operationContext=S1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-9XM7-QXG2-G5P4
Vulnerability from github – Published: 2022-05-24 17:35 – Updated: 2025-06-09 18:32The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
{
"affected": [],
"aliases": [
"CVE-2020-29562"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-12-04T07:15:00Z",
"severity": "HIGH"
},
"details": "The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
"id": "GHSA-9xm7-qxg2-g5p4",
"modified": "2025-06-09T18:32:01Z",
"published": "2022-05-24T17:35:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-29562"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202101-20"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20210122-0004"
},
{
"type": "WEB",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26923"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9XRG-R2HF-Q6RM
Vulnerability from github – Published: 2025-09-16 18:31 – Updated: 2025-12-02 00:31In the Linux kernel, the following vulnerability has been resolved:
media: vimc: Fix wrong function called when vimc_init() fails
In vimc_init(), when platform_driver_register(&vimc_pdrv) fails, platform_driver_unregister(&vimc_pdrv) is wrongly called rather than platform_device_unregister(&vimc_pdev), which causes kernel warning:
Unexpected driver unregister! WARNING: CPU: 1 PID: 14517 at drivers/base/driver.c:270 driver_unregister+0x8f/0xb0 RIP: 0010:driver_unregister+0x8f/0xb0 Call Trace: vimc_init+0x7d/0x1000 [vimc] do_one_initcall+0xd0/0x4e0 do_init_module+0x1cf/0x6b0 load_module+0x65c2/0x7820
{
"affected": [],
"aliases": [
"CVE-2022-50340"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-16T17:15:33Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vimc: Fix wrong function called when vimc_init() fails\n\nIn vimc_init(), when platform_driver_register(\u0026vimc_pdrv) fails,\nplatform_driver_unregister(\u0026vimc_pdrv) is wrongly called rather than\nplatform_device_unregister(\u0026vimc_pdev), which causes kernel warning:\n\n Unexpected driver unregister!\n WARNING: CPU: 1 PID: 14517 at drivers/base/driver.c:270 driver_unregister+0x8f/0xb0\n RIP: 0010:driver_unregister+0x8f/0xb0\n Call Trace:\n \u003cTASK\u003e\n vimc_init+0x7d/0x1000 [vimc]\n do_one_initcall+0xd0/0x4e0\n do_init_module+0x1cf/0x6b0\n load_module+0x65c2/0x7820",
"id": "GHSA-9xrg-r2hf-q6rm",
"modified": "2025-12-02T00:31:10Z",
"published": "2025-09-16T18:31:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50340"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/14d85b600bb1f6f8ef61fa8fc1907e2e623d8350"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/681ac2902039d9b497b3ae18fdc204314979e61e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9c9ff35d68691aaea85b2e93763772e23930b3a3"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f38df8984ef1b45ba23888d0e232cc21a95bd04b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f74d3f326d1d5b8951ce263c59a121ecfa65e7c0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C22Q-JVVR-5R3W
Vulnerability from github – Published: 2022-05-13 01:44 – Updated: 2022-05-13 01:44In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file.
{
"affected": [],
"aliases": [
"CVE-2017-17722"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-02-12T22:29:00Z",
"severity": "MODERATE"
},
"details": "In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file.",
"id": "GHSA-c22q-jvvr-5r3w",
"modified": "2022-05-13T01:44:27Z",
"published": "2022-05-13T01:44:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17722"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1524116"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C3M9-37FF-FF9R
Vulnerability from github – Published: 2022-05-24 19:05 – Updated: 2022-05-24 19:05There is an Assertion 'context.status_flags & PARSER_SCANNING_SUCCESSFUL' failed at js-parser.c:2185 in parser_parse_source in JerryScript 2.2.0.
{
"affected": [],
"aliases": [
"CVE-2020-23312"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-10T23:15:00Z",
"severity": "HIGH"
},
"details": "There is an Assertion \u0027context.status_flags \u0026 PARSER_SCANNING_SUCCESSFUL\u0027 failed at js-parser.c:2185 in parser_parse_source in JerryScript 2.2.0.",
"id": "GHSA-c3m9-37ff-ff9r",
"modified": "2022-05-24T19:05:14Z",
"published": "2022-05-24T19:05:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-23312"
},
{
"type": "WEB",
"url": "https://github.com/jerryscript-project/jerryscript/issues/3824"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-C48W-4644-5538
Vulnerability from github – Published: 2022-02-12 00:00 – Updated: 2022-04-03 00:01tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c.
{
"affected": [],
"aliases": [
"CVE-2021-45387"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-02-11T17:15:00Z",
"severity": "MODERATE"
},
"details": "tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c.",
"id": "GHSA-c48w-4644-5538",
"modified": "2022-04-03T00:01:16Z",
"published": "2022-02-12T00:00:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45387"
},
{
"type": "WEB",
"url": "https://github.com/appneta/tcpreplay/issues/687"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202210-08"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C56R-J7RJ-7GGX
Vulnerability from github – Published: 2022-01-21 00:00 – Updated: 2022-01-27 00:02There is an Assertion 'ecma_is_lexical_environment (object_p)' failed at /base/ecma-helpers.c(ecma_get_lex_env_type) in JerryScript 3.0.0.
{
"affected": [],
"aliases": [
"CVE-2021-46338"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-20T22:15:00Z",
"severity": "MODERATE"
},
"details": "There is an Assertion \u0027ecma_is_lexical_environment (object_p)\u0027 failed at /base/ecma-helpers.c(ecma_get_lex_env_type) in JerryScript 3.0.0.",
"id": "GHSA-c56r-j7rj-7ggx",
"modified": "2022-01-27T00:02:33Z",
"published": "2022-01-21T00:00:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46338"
},
{
"type": "WEB",
"url": "https://github.com/jerryscript-project/jerryscript/issues/4900"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-C74J-26PG-R222
Vulnerability from github – Published: 2026-05-28 12:30 – Updated: 2026-06-30 03:36In the Linux kernel, the following vulnerability has been resolved:
RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss()
Sashiko points out that the user can specify WQs sharing the same CQ as a part of the uAPI and this will trigger the WARN_ON() then go on to corrupt the kernel.
Just reject it outright and fail the QP creation.
{
"affected": [],
"aliases": [
"CVE-2026-46117"
],
"database_specific": {
"cwe_ids": [
"CWE-1288",
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-28T10:16:27Z",
"severity": "HIGH"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss()\n\nSashiko points out that the user can specify WQs sharing the same CQ as a\npart of the uAPI and this will trigger the WARN_ON() then go on to corrupt\nthe kernel.\n\nJust reject it outright and fail the QP creation.",
"id": "GHSA-c74j-26pg-r222",
"modified": "2026-06-30T03:36:53Z",
"published": "2026-05-28T12:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46117"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:27789"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:30129"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2026-46117"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482576"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/159f2efabc89d3f931d38f2d35876535d4abf0a3"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9cc0c6b1ba8cd5c55aef043e1384de0a8b4efa71"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9ef65af26b2a6738bf15812042e84b3112402d3a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/db991ba50087ad99fa12a2c483aa3be19671ea73"
},
{
"type": "WEB",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46117.json"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C86G-2X4G-V7WF
Vulnerability from github – Published: 2022-05-13 01:13 – Updated: 2022-05-13 01:13QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It could occur while reading Interrupt Mask Registers (IMR). A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance resulting in DoS.
{
"affected": [],
"aliases": [
"CVE-2015-8745"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2016-12-29T22:59:00Z",
"severity": "MODERATE"
},
"details": "QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It could occur while reading Interrupt Mask Registers (IMR). A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance resulting in DoS.",
"id": "GHSA-c86g-2x4g-v7wf",
"modified": "2022-05-13T01:13:40Z",
"published": "2022-05-13T01:13:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8745"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1270876"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201602-01"
},
{
"type": "WEB",
"url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=c6048f849c7e3f009786df76206e895"
},
{
"type": "WEB",
"url": "http://git.qemu.org/?p=qemu.git;a=commit;h=c6048f849c7e3f009786df76206e895"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2016/dsa-3471"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2016/01/04/4"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2016/01/04/7"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/79822"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1034575"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C874-8H7R-5764
Vulnerability from github – Published: 2025-01-22 15:32 – Updated: 2025-02-07 03:32Open5GS MME versions <= 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a UE Context Modification Response message missing a required MME_UE_S1AP_ID field to repeatedly crash the MME, resulting in denial of service.
{
"affected": [],
"aliases": [
"CVE-2023-37016"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-22T15:15:11Z",
"severity": "HIGH"
},
"details": "Open5GS MME versions \u003c= 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a `UE Context Modification Response` message missing a required `MME_UE_S1AP_ID` field to repeatedly crash the MME, resulting in denial of service.",
"id": "GHSA-c874-8h7r-5764",
"modified": "2025-02-07T03:32:01Z",
"published": "2025-01-22T15:32:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37016"
},
{
"type": "WEB",
"url": "https://cellularsecurity.org/ransacked"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
Make sensitive open/close operation non reachable by directly user-controlled data (e.g. open/close resources)
Mitigation
Strategy: Input Validation
Perform input validation on user data.
No CAPEC attack patterns related to this CWE.