CVE-2025-59777

7.5 HIGH

📋 TL;DR

A NULL pointer dereference vulnerability in GNU libmicrohttpd v1.0.2 and earlier allows attackers to cause denial-of-service (DoS) by sending specially crafted packets. This affects any application using vulnerable versions of libmicrohttpd as an embedded HTTP server library. The vulnerability can crash the server process, disrupting service availability.

💻 Affected Systems

Products:
  • GNU libmicrohttpd
Versions: v1.0.2 and earlier
Operating Systems: All platforms where libmicrohttpd runs
Default Config Vulnerable: ⚠️ Yes
Notes: Any application embedding libmicrohttpd v1.0.2 or earlier is vulnerable regardless of configuration.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete service outage with server process crash, requiring manual restart and potentially causing data loss or service disruption.

🟠 Likely Case

Service disruption through server crashes, requiring restart of affected applications using libmicrohttpd.

🟢 If Mitigated

Minimal impact if proper network segmentation and monitoring are in place to detect and respond to crashes quickly.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires sending specially crafted packets to the HTTP server, which is straightforward for attackers with network access.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Master branch after commit ff13abc1c1d7d2b30d69d5c0bd4a237e1801c50b

Vendor Advisory: https://www.gnu.org/software/libmicrohttpd/

Restart Required: Yes

Instructions:

1. Update to libmicrohttpd from master branch after commit ff13abc1c1d7d2b30d69d5c0bd4a237e1801c50b.
2. Rebuild and redeploy any applications using libmicrohttpd.
3. Restart affected services.

🔧 Temporary Workarounds

Network filtering (all platforms)

Implement network filtering to block malicious HTTP requests at firewall or load balancer level.

Process monitoring and auto-restart (linux)

Configure process monitoring to automatically restart crashed libmicrohttpd instances. With systemd, enabling the unit alone does not restart a crashed process; the unit's [Service] section also needs a Restart= directive.

# add Restart=on-failure to the [Service] section of your-service's unit file, then:
systemctl daemon-reload
systemctl enable your-service
systemctl start your-service

🧯 If You Can't Patch

  • Implement strict network access controls to limit exposure to trusted sources only.
  • Deploy intrusion detection systems to monitor for DoS attempts and anomalous traffic patterns.

🔍 How to Verify

Check if Vulnerable:

Check libmicrohttpd version in your application dependencies or system packages. If version is 1.0.2 or earlier, you are vulnerable.

Check Version:

pkg-config --modversion libmicrohttpd (or ldd /path/to/your-app | grep libmicrohttpd to locate the library the application actually links against), or check the application dependency manifest.

Verify Fix Applied:

Verify that libmicrohttpd is built from source after commit ff13abc1c1d7d2b30d69d5c0bd4a237e1801c50b, or check the version string once a release containing the fix is available.
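A small version check that reads the installed library's own version via the real MHD_get_version() API instead of a package manifest, then compares it against the advisory's affected range. This is an added example, not code from the advisory or from the libmicrohttpd project; the soname libmicrohttpd.so.12 is an assumption and should be replaced with whatever ldd reports for your application.

```python
import ctypes
import re

# Highest version the advisory lists as affected (CVE-2025-59777: v1.0.2 and earlier).
LAST_AFFECTED = (1, 0, 2)


def parse_version(text):
    """Turn a version string such as '1.0.2' or 'v0.9.77-2ubuntu1' into a tuple of ints.

    A leading 'v' and trailing non-numeric parts (distro suffixes) are ignored.
    """
    match = re.match(r"\s*v?(\d+(?:\.\d+)*)", text)
    if not match:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in match.group(1).split("."))


def is_vulnerable(version_text):
    """True if the version is 1.0.2 or earlier, i.e. inside the advisory's affected range.

    Caveat: the fix lives on master after the commit named in the advisory, so a source
    build from master may still report '1.0.2'; for such builds check the commit instead.
    """
    return parse_version(version_text) <= LAST_AFFECTED


def runtime_version(soname="libmicrohttpd.so.12"):
    """Ask the installed shared library for its version via MHD_get_version().

    Returns the version string, or None if the library cannot be loaded on this host.
    The default soname is an assumption; use the path that `ldd your-app` shows.
    """
    try:
        lib = ctypes.CDLL(soname)
    except OSError:
        return None
    lib.MHD_get_version.restype = ctypes.c_char_p
    lib.MHD_get_version.argtypes = []
    return lib.MHD_get_version().decode("ascii")


if __name__ == "__main__":
    found = runtime_version()
    if found is None:
        print("libmicrohttpd not loadable here; check the application's dependency manifest")
    else:
        state = "VULNERABLE" if is_vulnerable(found) else "outside the affected range"
        print(f"libmicrohttpd {found}: {state}")
```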

📡 Detection & Monitoring

Log Indicators:

  • Unexpected process crashes or segmentation faults in applications using libmicrohttpd
  • Abnormal termination logs with NULL pointer references

Network Indicators:

  • Spike in malformed HTTP requests to libmicrohttpd endpoints
  • Unusual traffic patterns from single sources

SIEM Query:

source="application.logs" AND ("segmentation fault" OR "null pointer" OR "libmicrohttpd crash")
