CVE-2026-44638: CWE-476: NULL Pointer Dereference in saitoha libsixel
CVE-2026-44638 is a NULL pointer dereference vulnerability in saitoha libsixel versions from 1. 0. 0 up to but not including 1. 8. 7-r2. The issue arises from an incorrect NULL check after a memory allocation call in the sixel_decode_raw and sixel_decode functions, which leads to a denial of service by crashing the process when allocation fails under low-memory conditions. This vulnerability has a low severity score and does not impact confidentiality or integrity.
AI Analysis
Technical Summary
libsixel, a SIXEL encoder/decoder, contains a vulnerability in versions >= 1.0.0 and < 1.8.7-r2 where the functions sixel_decode_raw and sixel_decode perform an incorrect NULL check after memory allocation. Instead of checking the returned pointer from malloc, the code checks the address of the output parameter, which is always non-NULL. Consequently, if malloc fails and returns NULL, the functions proceed to write through a NULL pointer, causing a process crash. This results in a denial of service condition under low-memory scenarios. The vulnerability is fixed in version 1.8.7-r2.
Potential Impact
The vulnerability causes a denial of service by crashing the process that calls the affected libsixel functions when memory allocation fails. There is no impact on confidentiality or integrity. Exploitation requires a low-memory condition and local access due to the attack vector being local (AV:L).
Mitigation Recommendations
A fix is available in libsixel version 1.8.7-r2. Users should upgrade to this version or later to remediate the vulnerability. Patch status is confirmed by the vendor's versioning information. No additional mitigation is indicated.
CVE-2026-44638: CWE-476: NULL Pointer Dereference in saitoha libsixel
Description
CVE-2026-44638 is a NULL pointer dereference vulnerability in saitoha libsixel versions from 1. 0. 0 up to but not including 1. 8. 7-r2. The issue arises from an incorrect NULL check after a memory allocation call in the sixel_decode_raw and sixel_decode functions, which leads to a denial of service by crashing the process when allocation fails under low-memory conditions. This vulnerability has a low severity score and does not impact confidentiality or integrity.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
libsixel, a SIXEL encoder/decoder, contains a vulnerability in versions >= 1.0.0 and < 1.8.7-r2 where the functions sixel_decode_raw and sixel_decode perform an incorrect NULL check after memory allocation. Instead of checking the returned pointer from malloc, the code checks the address of the output parameter, which is always non-NULL. Consequently, if malloc fails and returns NULL, the functions proceed to write through a NULL pointer, causing a process crash. This results in a denial of service condition under low-memory scenarios. The vulnerability is fixed in version 1.8.7-r2.
Potential Impact
The vulnerability causes a denial of service by crashing the process that calls the affected libsixel functions when memory allocation fails. There is no impact on confidentiality or integrity. Exploitation requires a low-memory condition and local access due to the attack vector being local (AV:L).
Mitigation Recommendations
A fix is available in libsixel version 1.8.7-r2. Users should upgrade to this version or later to remediate the vulnerability. Patch status is confirmed by the vendor's versioning information. No additional mitigation is indicated.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-05-07T15:30:10.875Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a062b58ec166c07b00deb50
Added to database: 5/14/2026, 8:06:48 PM
Last enriched: 5/14/2026, 9:08:30 PM
Last updated: 5/15/2026, 7:44:32 AM
Views: 7
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.