In function lys_node_free() in libyang <= v1.0.225, it asserts that the value of node->module cant be NULL. But in some cases, node->module can be null, which triggers a reachable assertion (CWE-617).
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Libyang | Cesnet | * | 1.0.225 (including) |
| Libyang | Ubuntu | esm-apps/focal | * |
| Libyang | Ubuntu | focal | * |
| Libyang | Ubuntu | groovy | * |
| Libyang | Ubuntu | hirsute | * |
| Libyang | Ubuntu | trusty | * |
| Libyang | Ubuntu | upstream | * |
| Libyang | Ubuntu | xenial | * |
While assertion is good for catching logic errors and reducing the chances of reaching more serious vulnerability conditions, it can still lead to a denial of service. For example, if a server handles multiple simultaneous connections, and an assert() occurs in one single connection that causes all other connections to be dropped, this is a reachable assertion that leads to a denial of service.