CWE-617— Reachable Assertion
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.— MITRE CWE catalog
723 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-617page 12 of 15
- CVE-2025-21654MEDIUMCVSS 5.5EG 5.52025-01-19
In the Linux kernel, the following vulnerability has been resolved: ovl: support encoding fid from inode with no alias Dmitry Safonov reported that a WARN_ON() assertion can be trigered by userspace when calling inotify_show_fdinfo() for…
- CVE-2025-21721MEDIUMCVSS 5.5EG 5.52025-02-27
In the Linux kernel, the following vulnerability has been resolved: nilfs2: handle errors that nilfs_prepare_chunk() may return Patch series "nilfs2: fix issues with rename operations". This series fixes BUG_ON check failures reported b…
- CVE-2025-21754MEDIUMCVSS 5.5EG 5.52025-02-27
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix assertion failure when splitting ordered extent after transaction abort If while we are doing a direct IO write a transaction abort happens, we mark all exist…
- CVE-2025-22919MEDIUMCVSS 6.5EG 6.52025-02-18
A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 allows attackers to cause a Denial of Service (DoS) via opening a crafted AAC file.
- CVE-2025-24798MEDIUMCVSS 4.3EG 4.32025-07-10
Meshtastic is an open source mesh networking solution. From 1.2.1 until 2.6.2, a packet sent to the routing module that contains want_response==true causes a crash. This can lead to a degradation of service for nodes within range of a mali…
- CVE-2025-27066HIGHCVSS 7.5EG 7.52025-08-06
Transient DOS while processing an ANQP message.
- CVE-2025-27073HIGHCVSS 7.5EG 7.52025-08-06
Transient DOS while creating NDP instance.
- CVE-2025-29339HIGHCVSS 7.5EG 7.52025-04-22
An issue in UPF in Open5GS UPF versions up to v2.7.2 results an assertion failure vulnerability in PFCP session parameter validation. When processing a PFCP Session Establishment Request with PDN Type=0, the UPF fails to handle the invalid…
- CVE-2025-30034MEDIUMCVSS 6.2EG 6.22025-08-12
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.3). Affected devices do not properly validate input sent to its listening port on the local loopback interface. This could allow an unauthenticated loc…
- CVE-2025-31160LOWCVSS 2.9EG 2.92025-03-26
atop through 2.11.0 allows local users to cause a denial of service (e.g., assertion failure and application exit) or possibly have unspecified other impact by running certain types of unprivileged processes while a different user runs ato…
- CVE-2025-32095HIGHCVSS 7.5EG 7.52025-12-25
Pexip Infinity before 37.0 has improper input validation in signalling that allows a remote attacker to trigger a software abort via a crafted signalling message, resulting in a denial of service.
- CVE-2025-32096HIGHCVSS 7.5EG 7.52025-12-25
Pexip Infinity 33.0 through 37.0 before 37.1 has improper input validation in signaling that allows an attacker to trigger a software abort, resulting in a denial of service.
- CVE-2025-34458HIGHCVSS 8.7EG 8.72025-12-22
wb2osz/direwolf (Dire Wolf) versions up to and including 1.8, prior to commit 3658a87, contain a reachable assertion vulnerability in the APRS MIC-E decoder function aprs_mic_e() located in src/decode_aprs.c. When processing a specially cr…
- CVE-2025-36512HIGHCVSS 7.5EG 7.52025-07-22
A denial of service vulnerability exists in the Bloomberg Comdb2 8.1 database when handling a distributed transaction heartbeat. A specially crafted protocol buffer message can lead to a denial of service. An attacker can simply connect to…
- CVE-2025-37864MEDIUMCVSS 5.5EG 5.52025-05-09
In the Linux kernel, the following vulnerability has been resolved: net: dsa: clean up FDB, MDB, VLAN entries on unbind As explained in many places such as commit b117e1e8a86d ("net: dsa: delete dsa_legacy_fdb_add and dsa_legacy_fdb_del"…
- CVE-2025-37878MEDIUMCVSS 5.5EG 5.52025-05-09
In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix WARN_ON(!ctx) in __free_event() for partial init Move the get_ctx(child_ctx) call and the child_event->ctx assignment to occur immediately after the child…
- CVE-2025-37897MEDIUMCVSS 5.5EG 5.52025-05-20
In the Linux kernel, the following vulnerability has been resolved: wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release plfxlc_mac_release() asserts that mac->lock is held. This assertion is incorrect, because even if it was poss…
- CVE-2025-37930MEDIUMCVSS 5.5EG 5.52025-05-20
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() Nouveau is mostly designed in a way that it's expected that fences only ever get signaled through nouveau_fence_…
- CVE-2025-38066MEDIUMCVSS 5.5EG 5.52025-06-18
In the Linux kernel, the following vulnerability has been resolved: dm cache: prevent BUG_ON by blocking retries on failed device resumes A cache device failing to resume due to mapping errors should not be retried, as the failure leaves…
- CVE-2025-38223MEDIUMCVSS 5.5EG 5.52025-07-04
In the Linux kernel, the following vulnerability has been resolved: ceph: avoid kernel BUG for encrypted inode with unaligned file size The generic/397 test hits a BUG_ON for the case of encrypted inode with unaligned file size (for exam…
- CVE-2025-38285MEDIUMCVSS 5.5EG 5.52025-07-10
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix WARN() in get_bpf_raw_tp_regs syzkaller reported an issue: WARNING: CPU: 3 PID: 5971 at kernel/trace/bpf_trace.c:1861 get_bpf_raw_tp_regs+0xa4/0x100 kernel/tra…
- CVE-2025-38503MEDIUMCVSS 5.5EG 5.52025-08-16
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix assertion when building free space tree When building the free space tree with the block group tree feature enabled, we can hit an assertion failure like this…
- CVE-2025-38544MEDIUMCVSS 5.5EG 5.52025-08-16
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix bug due to prealloc collision When userspace is using AF_RXRPC to provide a server, it has to preallocate incoming calls and assign to them call IDs that will…
- CVE-2025-38637MEDIUMCVSS 5.5EG 5.52025-04-18
In the Linux kernel, the following vulnerability has been resolved: net_sched: skbprio: Remove overly strict queue assertions In the current implementation, skbprio enqueue/dequeue contains an assertion that fails under certain condition…
- CVE-2025-38642MEDIUMCVSS 5.5EG 5.52025-08-22
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix WARN_ON for monitor mode on some devices On devices without WANT_MONITOR_VIF (and probably without channel context support) we get a WARN_ON for chan…
- CVE-2025-38690MEDIUMCVSS 5.5EG 5.52025-09-04
In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: prevent infinite recursion If the buf + offset is not aligned to XE_CAHELINE_BYTES we fallback to using a bounce buffer. However the bounce buffer here i…
- CVE-2025-38701MEDIUMCVSS 5.5EG 5.52025-09-04
In the Linux kernel, the following vulnerability has been resolved: ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr A syzbot fuzzed image triggered a BUG_ON in ext4_update_inline_data() when an inode had the INLINE_DATA_FL f…
- CVE-2025-38712MEDIUMCVSS 5.5EG 5.52025-09-04
In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file() When the volume header contains erroneous values that do not reflect the actual state of the filesystem, …
- CVE-2025-39768MEDIUMCVSS 5.5EG 5.52025-09-11
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, fix complex rules rehash error flow Moving rules from matcher to matcher should not fail. However, if it does fail due to various reasons, the error flow …
- CVE-2025-39801MEDIUMCVSS 5.5EG 5.52025-09-15
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Remove WARN_ON for device endpoint command timeouts This commit addresses a rarely observed endpoint command timeout which causes kernel panic due to warn whe…
- CVE-2025-39803HIGHCVSS 7.8EG 7.82025-09-15
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Remove WARN_ON_ONCE() call from ufshcd_uic_cmd_compl() The UIC completion interrupt may be disabled while an UIC command is being processed. When the UI…
- CVE-2025-40777HIGHCVSS 7.5EG 7.52025-07-16
If a `named` caching resolver is configured with `serve-stale-enable` `yes`, and with `stale-answer-client-timeout` set to `0` (the only allowable value other than `disabled`), and if the resolver, in the process of resolving a query, enco…
- CVE-2025-41067HIGHCVSS 7.5EG 7.52025-10-27
Reachable Assertion vulnerability in Open5GS up to version 2.7.6 allows attackers with connectivity to the NRF to cause a denial of service. An SBI request that deletes the NRF's own registry causes a check that ends up crashing the NRF pr…
- CVE-2025-41068HIGHCVSS 7.5EG 7.52025-10-27
Reachable Assertion vulnerability in Open5GS up to version 2.7.6 allows attackers with connectivity to the NRF to cause a denial of service. This is achieved by sending the creation of an NF with an invalid type via SBI and then requesting…
- CVE-2025-4321HIGHCVSS 7.1EG 7.12025-11-17
In a Bluetooth device, using RS9116-WiseConnect SDK experiences a Denial of Service, if it receives malformed L2CAP packets, only hard reset will bring the device to normal operation
- CVE-2025-46149MEDIUMCVSS 5.3EG 5.32025-09-25
In PyTorch before 2.7.0, when inductor is used, nn.Fold has an assertion error.
- CVE-2025-46354HIGHCVSS 7.5EG 7.52025-07-22
A denial of service vulnerability exists in the Distributed Transaction Commit/Abort Operation functionality of Bloomberg Comdb2 8.1. A specially crafted network packet can lead to a denial of service. An attacker can send a malicious pack…
- CVE-2025-46705HIGHCVSS 7.5EG 9.62025-11-05
A denial of service vulnerability exists in the g_assert_not_reached functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML assertion response can lead to a denial of service. An attacker can send a malformed SAML…
- CVE-2025-47229LOWCVSS 2.9EG 2.92025-05-03
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service (var_set_leave_quiet assertion failure and application exit) via crafted input data, such as data that triggers a call from src/data/dictionary.c code i…
- CVE-2025-47370MEDIUMCVSS 6.5EG 6.52025-11-04
Transient DOS when a remote device sends an invalid connection request during BT connectable LE scan.
- CVE-2025-47913HIGHCVSS 7.5EG 7.52025-11-13
SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.
- CVE-2025-48019MEDIUMCVSS 6.5EG 6.52026-02-13
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and ve…
- CVE-2025-48020MEDIUMCVSS 6.5EG 6.52026-02-13
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and ve…
- CVE-2025-48023MEDIUMCVSS 6.5EG 6.52026-02-13
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and ve…
- CVE-2025-48704HIGHCVSS 7.5EG 7.52025-12-25
Pexip Infinity 35.0 through 37.2 before 38.0 has Improper Input Validation in signalling that allows an attacker to trigger a software abort, resulting in a denial of service.
- CVE-2025-49088MEDIUMCVSS 5.9EG 5.92025-12-25
Pexip Infinity 32.0 through 37.1 before 37.2, in certain configurations of OTJ (One Touch Join) for Teams SIP Guest Join, has Improper Input Validation in the OTJ service, allowing a remote attacker to trigger a software abort via a crafte…
- CVE-2025-49630HIGHCVSS 7.5EG 7.52025-07-10
In certain proxy configurations, a denial of service attack against Apache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by untrusted clients causing an assertion in mod_proxy_http2. Configurations affected are a reverse…
- CVE-2025-50422LOWCVSS 2.9EG 6.52025-08-04
Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled->face == NULL" assertion failure for _cairo_ft_unscaled_font_fini in cairo-ft-font.c.
- CVE-2025-52958MEDIUMCVSS 5.3EG 5.32025-07-11
A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS).On all Junos OS and Junos OS Evol…
- CVE-2025-52964MEDIUMCVSS 6.5EG 6.52025-07-11
A Reachable Assertion vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When the device receives a sp…
Map vulnerabilities like CWE-617 to your infrastructure
EchelonGraph correlates every CVE — across CWE-617 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →