CVE-2020-12867

A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-2020-075.

Weakness

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Affected Software

Name	Vendor	Start Version	End Version
Sane_backends	Sane-project	*	1.0.30 (excluding)
Red Hat Enterprise Linux 8	RedHat	sane-backends-0:1.0.27-22.el8	*
Sane-backends	Ubuntu	bionic	*
Sane-backends	Ubuntu	eoan	*
Sane-backends	Ubuntu	focal	*
Sane-backends	Ubuntu	trusty	*
Sane-backends	Ubuntu	upstream	*
Sane-backends	Ubuntu	xenial	*

Potential Mitigations

References

http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html
https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
https://gitlab.com/sane-project/backends/-/issues/279#issue-1-ghsl-2020-075-null-pointer-dereference-in-sanei_epson_net_read
https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html
https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWUVCHURVGGYBEUOBA4PLSNXJVBKHJYJ/
https://securitylab.github.com/advisories/GHSL-2020-075-libsane
https://usn.ubuntu.com/4470-1/

NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-12867
CWE	https://cwe.mitre.org/data/definitions/476.html

NULL Pointer Dereference

Weakness

Affected Software

Potential Mitigations

References