Description
Wazuh wazuh-modulesd before 5.0.0-beta3 contains a null pointer dereference vulnerability in inventory_sync FlatBuffer DataValue handling. An enrolled agent can send a verifier-valid DataValue message omitting the optional id field, causing wazuh-modulesd to crash when dereferencing data->id()->string_view() without null validation, resulting in denial of service.
Problem types
Product status
Any version before 5.0.0-beta3
5.0.0-beta3 (semver)
Credits
kocaemre
vikman90
References
github.com/.../wazuh/security/advisories/GHSA-6hxp-c9x3-qc7p
github.com/.../wazuh/security/advisories/GHSA-6hxp-c9x3-qc7p (GitHub Security Advisory (GHSA-6hxp-c9x3-qc7p))
github.com/...ommit/3adf4f87942705aa0ceeba1e145c259cc9dcd242
www.vulncheck.com/...tory-sync-datavalue-flatbuffer-handling (VulnCheck Advisory: Wazuh - NULL Pointer Dereference in inventory_sync DataValue FlatBuffer Handling)