CVE-2026-31792
Received Received - Intake

Null Pointer Dereference in iccDEV Causes Denial of Service

Vulnerability report for CVE-2026-31792, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-03-10

Last updated on: 2026-03-13

Assigner: GitHub, Inc.

Description

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a null pointer dereference in CIccTagXmlStruct::ParseTag() causing a segmentation fault or denial of service. This vulnerability is fixed in 2.3.1.5.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-03-10
Last Modified
2026-03-13
Generated
2026-07-06
AI Q&A
2026-03-10
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
color iccdev to 2.3.1.5 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-31792 is a high-severity vulnerability in the iccDEV package affecting versions prior to 2.3.1.5. It is caused by a null pointer dereference in the function CIccTagXmlStruct::ParseTag(), which leads to a segmentation fault or denial of service when processing specially crafted ICC profile XML data.

The vulnerability occurs because the code dereferences a children pointer without checking if it is valid, causing a crash when the pointer is null. This issue is related to buffer handling weaknesses such as buffer copy without size checking, stack-based buffer overflow, and out-of-bounds write.

The problem requires local access with low complexity and user interaction, and it impacts confidentiality, integrity, and availability at a high level. The vulnerability was fixed in version 2.3.1.5 by adding proper pointer validation before dereferencing.

Detection Guidance

This vulnerability can be detected by attempting to reproduce the crash using a specially crafted XML file that triggers the null pointer dereference in the function CIccTagXmlStruct::ParseTag().

A known test involves using the iccFromXml command-line tool to process the crafted XML file named segv-CIccTagXmlStruct-ParseTag-IccTagXml_cpp-Line4738.xml, which causes a segmentation fault if the vulnerable version is present.

Runtime detection tools such as AddressSanitizer and UndefinedBehaviorSanitizer can be used to detect the null pointer dereference during execution.

  • Run the command: iccFromXml segv-CIccTagXmlStruct-ParseTag-IccTagXml_cpp-Line4738.xml
  • Use AddressSanitizer or UndefinedBehaviorSanitizer when building and running iccFromXml to catch null pointer dereferences.
Mitigation Strategies

The immediate mitigation step is to upgrade the iccDEV package to version 2.3.1.5 or later, where the vulnerability has been fixed.

The fix involves adding checks to ensure pointers are valid before dereferencing them in the ParseTag() method, preventing the null pointer dereference.

No workarounds are provided, so upgrading is the recommended action.

  • Update iccDEV to version 2.3.1.5 using your package manager or by downloading the fixed release.
  • Avoid processing untrusted or malformed ICC profile XML files until the update is applied.
Impact Analysis

This vulnerability can cause a denial of service by crashing applications that use the iccDEV library to process ICC profile XML data. The crash is due to a null pointer dereference, which leads to a segmentation fault.

Because it affects confidentiality, integrity, and availability at a high level, an attacker could potentially disrupt services or processes relying on iccDEV, causing application instability or downtime.

Exploitation requires local access with user interaction, but no special privileges are needed, making it a risk for users running vulnerable versions of iccDEV.

Compliance Impact

I don't know

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-31792. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart