CVE-2021-44508 – This vulnerability in FIS GT.M (and related Yot... (How to Fix)

Q: What is the severity of CVE-2021-44508?

CVE-2021-44508 has a CVSS score of 7.5 (HIGH). This vulnerability in FIS GT.M (and related YottaDB) allows attackers to crash the application by triggering a NULL pointer dereference. It affects systems running vulnerable versions of GT.M/YottaDB database software. The crash results in denial of service.

📋 TL;DR

This vulnerability in FIS GT.M (and related YottaDB) allows attackers to crash the application by triggering a NULL pointer dereference. It affects systems running vulnerable versions of GT.M/YottaDB database software. The crash results in denial of service.

💻 Affected Systems

Products:

FIS GT.M
YottaDB

Versions: All versions through V7.0-000

Operating Systems: All supported platforms

Default Config Vulnerable: ⚠️ Yes

Notes: Affects the core database engine, so all installations are vulnerable

📦 What is this software?

Gt.m by Fisglobal

View all CVEs affecting Gt.m →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete application crash leading to denial of service for database-dependent applications

🟠

Likely Case

Application crash and service disruption requiring manual restart

🟢

If Mitigated

No impact if patched or if vulnerable component isn't exposed

🌐 Internet-Facing: MEDIUM - Requires specific conditions to trigger but could disrupt services

🏢 Internal Only: MEDIUM - Internal attackers or misconfigured applications could trigger the crash

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires ability to trigger specific code paths in ious_open function

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: V7.0-002 and later

Vendor Advisory: http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html

Restart Required: Yes

Instructions:

1. Download GT.M V7.0-002 or later from sourceforge.net/projects/fis-gtm/files/ 2. Follow installation instructions for your platform 3. Restart all GT.M/YottaDB processes

🔧 Temporary Workarounds

No known effective workarounds

all

This is a core code vulnerability requiring patching

🧯 If You Can't Patch

Restrict access to GT.M/YottaDB processes to trusted users only
Implement monitoring for application crashes and have rapid restart procedures

🔍 How to Verify

Check if Vulnerable:

Check GT.M version: mumps -version | grep 'GT.M'

Check Version:

mumps -version

Verify Fix Applied:

Verify version is V7.0-002 or later: mumps -version

📡 Detection & Monitoring

Log Indicators:

Application crash logs
Segmentation fault errors in system logs
Unexpected GT.M/YottaDB process termination

Network Indicators:

Sudden loss of database connectivity
Application timeouts

SIEM Query:

source="system_logs" AND ("segmentation fault" OR "GT.M crash" OR "YottaDB terminated")

📊 Metadata

CVE ID: CVE-2021-44508

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-476

Published: April 15, 2022

Last Updated: November 21, 2024

🔗 References

http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html Release Notes,Vendor Advisory
https://gitlab.com/YottaDB/DB/YDB/-/issues/828 Issue Tracking,Patch,Third Party Advisory
https://sourceforge.net/projects/fis-gtm/files/ Third Party Advisory
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html Release Notes,Vendor Advisory
https://gitlab.com/YottaDB/DB/YDB/-/issues/828 Issue Tracking,Patch,Third Party Advisory
https://sourceforge.net/projects/fis-gtm/files/ Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-44508, you might also want to check these: