CVE-2025-46399

5.5 MEDIUM

📋 TL;DR

A NULL pointer dereference vulnerability exists in fig2dev's genge_itp_spline function, allowing local attackers to cause denial of service through input manipulation. This affects systems running vulnerable versions of fig2dev, particularly those processing untrusted local input files. The impact is limited to availability disruption rather than code execution.

💻 Affected Systems

Products:
  • fig2dev
  • transfig
Versions: Versions prior to the fix (specific version varies by distribution)
Operating Systems: Linux, Unix-like systems
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability is triggered when processing malicious input files through the genge_itp_spline function. Systems using fig2dev for automated processing of untrusted files are at higher risk.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete application crash leading to denial of service for fig2dev processes, potentially disrupting workflows that rely on this tool for figure conversion.

🟠

Likely Case

Local user can crash fig2dev when processing maliciously crafted input files, causing temporary unavailability of the tool.

🟢

If Mitigated

With proper input validation and sandboxing, impact is limited to isolated process crashes without system-wide effects.

🌐 Internet-Facing: LOW - This is a local vulnerability requiring access to execute fig2dev with malicious input.
🏢 Internal Only: MEDIUM - Internal users with local access could exploit this to disrupt fig2dev functionality for other users on shared systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires local access and ability to run fig2dev with crafted input. No remote exploitation vectors identified.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Distribution-specific (check vendor advisories)

Vendor Advisory: https://access.redhat.com/security/cve/CVE-2025-46399

Restart Required: No

Instructions:

1. Check your distribution's security advisories.
2. Update the fig2dev/transfig package using your package manager.
3. For Red Hat-based systems: 'yum update fig2dev'.
4. For Debian/Ubuntu: 'apt update && apt upgrade fig2dev'.

🔧 Temporary Workarounds

Restrict fig2dev execution

linux

Limit fig2dev execution to trusted users only

chmod 750 /usr/bin/fig2dev
setfacl -m u:trusteduser:rx /usr/bin/fig2dev

Input validation wrapper

linux

Create wrapper script to validate input files before passing to fig2dev

#!/bin/bash
# Reject empty or non-regular input files before handing the arguments to fig2dev.
# fig2dev takes options (e.g. "-L png") before the input file, so check every
# non-option argument that names an existing path rather than only "$1".
# Install this under a different name or path: it calls the real binary by absolute path.
for arg in "$@"; do
    case "$arg" in -*) continue ;; esac
    if [ -e "$arg" ] && { [ ! -f "$arg" ] || [ ! -s "$arg" ]; }; then
        echo "Invalid input file: $arg" >&2
        exit 1
    fi
done
exec /usr/bin/fig2dev "$@"

🧯 If You Can't Patch

  • Restrict fig2dev binary permissions to trusted users only
  • Implement monitoring for fig2dev process crashes and investigate abnormal patterns

🔍 How to Verify

Check if Vulnerable:

Check fig2dev version: 'fig2dev -v' or 'rpm -q fig2dev' or 'dpkg -l fig2dev'. Compare against patched versions in vendor advisories.

Check Version:

fig2dev -v 2>&1 | head -1

Verify Fix Applied:

After update, verify version is newer than vulnerable range. Test with known safe input files to ensure functionality.

📡 Detection & Monitoring

Log Indicators:

  • Segmentation fault errors in system logs involving fig2dev
  • Abnormal process termination of fig2dev

Network Indicators:

  • None - local vulnerability only

SIEM Query:

process.name:"fig2dev" AND event.action:"process_end" AND exit_code:"139"
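As an added example that is not part of this advisory, a small Python parser that applies the log indicators above to constructed kernel segfault lines: it picks out fig2dev crashes, counts those faulting at a NULL-page address, and flags bursts of crashes inside a short window (the "abnormal patterns" worth investigating). The hostname, PIDs and addresses in the sample are made up.

```python
import re
from datetime import datetime, timedelta

# Constructed sample syslog lines (not from a real system). The kernel logs a
# "segfault at" line for any process that dies with SIGSEGV; we keep only fig2dev.
SAMPLE_LOG = """\
Mar 10 09:12:01 build01 kernel: fig2dev[4123]: segfault at 0 ip 000055d1c3a2b4f0 sp 00007ffd2c1e0c20 error 4 in fig2dev[55d1c3a10000+60000]
Mar 10 09:12:03 build01 kernel: fig2dev[4131]: segfault at 0 ip 000055d1c3a2b4f0 sp 00007ffd2c1e0c20 error 4 in fig2dev[55d1c3a10000+60000]
Mar 10 09:12:05 build01 kernel: fig2dev[4140]: segfault at 0 ip 000055d1c3a2b4f0 sp 00007ffd2c1e0c20 error 4 in fig2dev[55d1c3a10000+60000]
Mar 10 09:15:40 build01 kernel: python3[5001]: segfault at 10 ip 00007f1a2b3c4d5e sp 00007ffc11112222 error 4 in libc.so.6[7f1a2b300000+1c0000]
Mar 10 11:30:00 build01 kernel: fig2dev[6210]: segfault at 0 ip 000055d1c3a2b4f0 sp 00007ffd2c1e0c20 error 4 in fig2dev[55d1c3a10000+60000]
"""

SEGFAULT_RE = re.compile(
    r"^(?P<ts>\w{3} +\d{1,2} \d{2}:\d{2}:\d{2}) \S+ kernel: "
    r"(?P<comm>[^\[]+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) "
)

def parse_segfaults(text, comm="fig2dev", year=2025):
    """Return (timestamp, pid, fault_address) for each segfault of the named process.
    Syslog lines carry no year, so the caller supplies it."""
    events = []
    for line in text.splitlines():
        m = SEGFAULT_RE.match(line)
        if m and m.group("comm") == comm:
            ts = datetime.strptime(f"{year} {m.group('ts')}", "%Y %b %d %H:%M:%S")
            events.append((ts, int(m.group("pid")), int(m.group("addr"), 16)))
    return events

def find_bursts(events, window=timedelta(minutes=5), threshold=3):
    """Sliding window over crash times: report every position whose trailing
    window holds at least `threshold` crashes. Several crashes in a few seconds
    suggest repeated crafted input rather than one stray bad file."""
    times = sorted(ts for ts, _, _ in events)
    bursts, start = [], 0
    for end in range(len(times)):
        while times[end] - times[start] > window:
            start += 1
        if end - start + 1 >= threshold:
            bursts.append((times[start], times[end], end - start + 1))
    return bursts

def null_deref_count(events):
    """Faults inside the first page (address < 4096) are consistent with a NULL dereference."""
    return sum(1 for _, _, addr in events if addr < 4096)
```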
