samhain sh_hash_compdata() Function NULL Pointer Dereference DoS
Local Access Required
Denial of Service
Loss of Availability
samhain contains a flaw that may allow a local denial of service. The problem is that the sh_hash_compdata() function fails to perform proper bounds checking resulting in a possible NULL-pointer being referenced, which may allow a malicious user to crash the application. No further details have been provided.
Upgrade to version 2.0.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.