CVE Vulnerabilities

CVE-2025-8865

NULL Pointer Dereference

Published: Aug 11, 2025 | Modified: Aug 11, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
2 LOW
CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L
Ubuntu

The YugabyteDB tablet server contains a flaw in its YCQL query handling that can trigger a null pointer dereference when processing certain malformed inputs. An authenticated attacker could exploit this issue to crash the YCQL tablet server, resulting in a denial of service.

Weakness

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Potential Mitigations

References