A null pointer dereference vulnerability in the GlobalProtect gateway in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop the GlobalProtect service on the firewall by sending a specially crafted packet that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Pan-os | Paloaltonetworks | 10.2.0 (including) | 10.2.7 (excluding) |
| Pan-os | Paloaltonetworks | 11.0.0 (including) | 11.0.6 (excluding) |
| Pan-os | Paloaltonetworks | 11.1.0 (including) | 11.1.4 (excluding) |
| Pan-os | Paloaltonetworks | 10.2.7-h1 (including) | 10.2.7-h1 (including) |
| Pan-os | Paloaltonetworks | 10.2.7-h12 (including) | 10.2.7-h12 (including) |
| Pan-os | Paloaltonetworks | 10.2.7-h16 (including) | 10.2.7-h16 (including) |
| Pan-os | Paloaltonetworks | 10.2.7-h18 (including) | 10.2.7-h18 (including) |
| Pan-os | Paloaltonetworks | 10.2.7-h19 (including) | 10.2.7-h19 (including) |
| Pan-os | Paloaltonetworks | 10.2.7-h3 (including) | 10.2.7-h3 (including) |
| Pan-os | Paloaltonetworks | 10.2.7-h6 (including) | 10.2.7-h6 (including) |
| Pan-os | Paloaltonetworks | 10.2.7-h8 (including) | 10.2.7-h8 (including) |
| Pan-os | Paloaltonetworks | 10.2.8 (including) | 10.2.8 (including) |
| Pan-os | Paloaltonetworks | 10.2.8-h10 (including) | 10.2.8-h10 (including) |
| Pan-os | Paloaltonetworks | 10.2.8-h13 (including) | 10.2.8-h13 (including) |
| Pan-os | Paloaltonetworks | 10.2.8-h15 (including) | 10.2.8-h15 (including) |
| Pan-os | Paloaltonetworks | 10.2.8-h3 (including) | 10.2.8-h3 (including) |
| Pan-os | Paloaltonetworks | 10.2.8-h4 (including) | 10.2.8-h4 (including) |
| Pan-os | Paloaltonetworks | 10.2.9 (including) | 10.2.9 (including) |
| Pan-os | Paloaltonetworks | 10.2.9-h1 (including) | 10.2.9-h1 (including) |
| Pan-os | Paloaltonetworks | 10.2.9-h11 (including) | 10.2.9-h11 (including) |
| Pan-os | Paloaltonetworks | 10.2.9-h14 (including) | 10.2.9-h14 (including) |
| Pan-os | Paloaltonetworks | 10.2.9-h16 (including) | 10.2.9-h16 (including) |
| Pan-os | Paloaltonetworks | 10.2.9-h9 (including) | 10.2.9-h9 (including) |
| Pan-os | Paloaltonetworks | 10.2.10 (including) | 10.2.10 (including) |
| Pan-os | Paloaltonetworks | 10.2.10-h2 (including) | 10.2.10-h2 (including) |
| Pan-os | Paloaltonetworks | 10.2.10-h3 (including) | 10.2.10-h3 (including) |
| Pan-os | Paloaltonetworks | 10.2.10-h4 (including) | 10.2.10-h4 (including) |
| Pan-os | Paloaltonetworks | 10.2.10-h5 (including) | 10.2.10-h5 (including) |
| Pan-os | Paloaltonetworks | 10.2.10-h7 (including) | 10.2.10-h7 (including) |
| Pan-os | Paloaltonetworks | 10.2.10-h9 (including) | 10.2.10-h9 (including) |
| Pan-os | Paloaltonetworks | 11.1.4 (including) | 11.1.4 (including) |
| Pan-os | Paloaltonetworks | 11.1.4-h1 (including) | 11.1.4-h1 (including) |
| Pan-os | Paloaltonetworks | 11.1.4-h4 (including) | 11.1.4-h4 (including) |
| Pan-os | Paloaltonetworks | 11.1.4-h7 (including) | 11.1.4-h7 (including) |