CVE-2026-24409
BaseFortify
Publication date: 2026-01-24
Last updated on: 2026-01-30
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| color | iccdev | to 2.3.1.2 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-758 | The product uses an API function, data structure, or other entity in a way that relies on properties that are not always guaranteed to hold for that entity. |
| CWE-690 | The product does not check for an error after calling a function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. |
| CWE-20 | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-24409 is a vulnerability in the iccDEV library (versions 2.3.1.1 and below) related to unsafe handling of ICC color profile data during XML parsing. Specifically, the function CIccTagXmlFloatNum<>::ParseXml() does not properly check for null pointers before dereferencing an XML node pointer, leading to undefined behavior and a null pointer dereference. This occurs when user-controlled input is unsafely incorporated into ICC profile data or other structured binary blobs. The issue can cause crashes or segmentation faults due to invalid memory access. [1, 2, 3]
How can this vulnerability impact me? :
Exploitation of this vulnerability can allow an attacker to cause a denial of service (DoS) by crashing the application processing the ICC profiles. Additionally, attackers may manipulate ICC tag tables, offsets, or size fields to bypass application logic or, in some cases, achieve arbitrary code execution. The impact includes high availability impact (service disruption), low integrity impact (data manipulation), and no confidentiality impact. [2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the iccDEV library's XML parsing functionality with specially crafted ICC profile XML files that trigger the null pointer dereference in the CIccTagXmlFloatNum::ParseXml() function. For example, using the iccFromXml command-line tool to process a maliciously crafted XML file (such as the one named 'ub-member-access-null-pointer-struct-xmlnode.xml') can reproduce the crash and reveal the vulnerability. A command to test this could be: `iccFromXml ub-member-access-null-pointer-struct-xmlnode.xml`. Monitoring for segmentation faults or crashes during this operation indicates the presence of the vulnerability. [3]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade the iccDEV library to version 2.3.1.2 or later, where the vulnerability has been fixed by adding a null pointer check before dereferencing in the ParseXml() function. There are no known workarounds. Until the upgrade is applied, avoid processing untrusted or user-controllable ICC profile data to reduce the risk of exploitation. [2, 1]