NULL Pointer Dereference Vulnerability in GNU SASL Affecting Clients and Servers
CVE-2026-48829

7.5 HIGH

Key Information:

Vendor

Gnu

Status
Vendor
CVE Published:
24 May 2026

What is CVE-2026-48829?

In versions of GNU SASL prior to 2.2.3, a NULL pointer dereference vulnerability exists in the DIGEST-MD5 authentication mechanism. The issue is triggered when a known token arrives without an accompanying '=' character, which can lead to unpredictable behavior in both client and server implementations. The flaw is located in the file lib/digest-md5/getsubopt.c; updating to 2.2.3 or later removes it. Users are advised to review their deployments and apply the update to prevent potential exploitation.
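To illustrate the class of defect described above, here is an added, constructed example of a DIGEST-MD5 directive parser that rejects a directive lacking '=' instead of proceeding past a failed search. It is not code from GNU SASL or from lib/digest-md5/getsubopt.c; the directive-name table, the function names and the sample messages are constructed for this example, and the parser treats any directive without '=' (known or unknown) as a reason to reject the whole message.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed list of DIGEST-MD5 directive names (RFC 2831); the real
   mechanism's token table is not reproduced here. */
static const char *const known_tokens[] = {
    "realm", "nonce", "qop", "charset", "algorithm", "cnonce", "nc",
    "digest-uri", "response", "rspauth", "username", "maxbuf", "cipher",
    NULL
};

/* Return values of parse_one_directive(). */
enum {
    DIRECTIVE_KNOWN = 0,        /* recognised name, '=' present */
    DIRECTIVE_UNKNOWN = 1,      /* unrecognised name, '=' present: ignored */
    DIRECTIVE_MALFORMED = -1    /* no '=' at all: reject the whole message */
};

/* Locate the end of the current directive in s: the first ',' that is not
   inside a double-quoted value. Returns a pointer to that ',' or to the
   terminating NUL. */
static const char *directive_end(const char *s)
{
    int quoted = 0;
    for (; *s != '\0'; s++) {
        if (*s == '"')
            quoted = !quoted;
        else if (*s == ',' && !quoted)
            break;
    }
    return s;
}

/* Classify one directive spanning [start, end). The '=' search is bounded
   to the directive itself, and a NULL result is handled explicitly; using
   the result of the search without that check is the pattern that turns a
   missing '=' into a NULL pointer dereference. */
static int parse_one_directive(const char *start, const char *end,
                               int *token_index)
{
    const char *eq = memchr(start, '=', (size_t)(end - start));
    size_t name_len;
    int i;

    if (eq == NULL)
        return DIRECTIVE_MALFORMED;    /* name without value: stop here */

    name_len = (size_t)(eq - start);
    for (i = 0; known_tokens[i] != NULL; i++) {
        if (strlen(known_tokens[i]) == name_len &&
            memcmp(known_tokens[i], start, name_len) == 0) {
            *token_index = i;
            return DIRECTIVE_KNOWN;
        }
    }
    return DIRECTIVE_UNKNOWN;
}

/* Walk a full challenge/response string. Returns the number of recognised,
   well-formed directives, or -1 as soon as a directive lacks '='. */
int count_digest_directives(const char *input)
{
    const char *p = input;
    int count = 0;

    while (*p != '\0') {
        const char *end = directive_end(p);
        int idx = -1;
        int rc = parse_one_directive(p, end, &idx);

        if (rc == DIRECTIVE_MALFORMED)
            return -1;
        if (rc == DIRECTIVE_KNOWN)
            count++;

        p = (*end == ',') ? end + 1 : end;
    }
    return count;
}

int main(void)
{
    /* Constructed sample messages, not captured traffic. */
    const char *good = "realm=\"example.com\",nonce=\"OA6MG9tEQGm2hh\","
                       "qop=\"auth,auth-int\",charset=utf-8";
    const char *bad  = "realm=\"example.com\",nonce,qop=auth";

    printf("well-formed: %d directives\n", count_digest_directives(good));
    printf("malformed:   %d (rejected)\n", count_digest_directives(bad));
    return 0;
}
```

The point of the bounded search plus explicit NULL check is that a peer who omits the '=' only gets an authentication failure, never a crash of the client or server process; the quote-aware splitting also keeps a comma inside a quoted value (as in qop="auth,auth-int") from being mistaken for a directive boundary.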

Affected Version(s)

GNU SASL 0 < 2.2.3

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
