A flaw was found in Blender 3.3.0. A null pointer dereference exists in source/blender/gpu/opengl/gl_backend.cc that may lead to loss of confidentiality and integrity.
Weakness
Catching NullPointerException should not be used as an alternative to programmatic checks to prevent dereferencing a null pointer.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Blender | Blender | 3.3.0-alpha (including) | 3.3.0-alpha (including) |
| OSE-OSC-1.3-RHEL-8 | RedHat | openshift-sandboxed-containers/osc-monitor-rhel8:1.3.1-5 | * |
| OSE-OSC-1.3-RHEL-8 | RedHat | openshift-sandboxed-containers/osc-must-gather-rhel8:1.3.1-6 | * |
| OSE-OSC-1.3-RHEL-8 | RedHat | openshift-sandboxed-containers/osc-operator-bundle:1.3.1-10 | * |
| OSE-OSC-1.3-RHEL-8 | RedHat | openshift-sandboxed-containers/osc-rhel8-operator:1.3.1-5 | * |
| Blender | Ubuntu | bionic | * |
| Blender | Ubuntu | focal | * |
| Blender | Ubuntu | kinetic | * |
| Blender | Ubuntu | lunar | * |
| Blender | Ubuntu | mantic | * |
| Blender | Ubuntu | oracular | * |
| Blender | Ubuntu | plucky | * |
| Blender | Ubuntu | trusty | * |
| Blender | Ubuntu | xenial | * |
Extended Description
Programmers typically catch NullPointerException under three circumstances:
Of these three circumstances, only the last is acceptable.