CVE-2026-31973

SAMtools is a program for reading, manipulating and writing bioinformatics file formats. Starting in version 1.17, in the cram-size command, used to write information about how well CRAM files are compressed, a check to see if the `cram_decode_compression_header()` was missing. If the function returned an error, this could lead to a NULL pointer dereference. Exploiting this bug causes a NULL pointer dereference. Typically this will cause the program to crash. Versions 1.23.1, 1.22.2 and 1.21.1 include fixes for this issue. There is no workaround for this issue.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/samtools/samtools/commit/06fc2a219b3d7c94d3f412c09f6d1efd51199f2f	Patch
https://github.com/samtools/samtools/security/advisories/GHSA-x86f-q6fj-cm43	Vendor Advisory
http://www.openwall.com/lists/oss-security/2026/03/18/12	Mailing List Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:samtools:samtools::::::::
	cpe:2.3:a:samtools:samtools::::::::
	cpe:2.3:a:samtools:samtools:1.23:::::::*

History

No history.

Information

Published : 2026-03-18 21:16

Updated : 2026-03-19 18:48

NVD link : CVE-2026-31973

Mitre link : CVE-2026-31973

CVE.ORG link : CVE-2026-31973

JSON object : View

Products Affected

samtools

samtools

CWE

CWE-476

NULL Pointer Dereference

{"id": "CVE-2026-31973", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-03-18T21:16:26.250", "references": [{"url": "https://github.com/samtools/samtools/commit/06fc2a219b3d7c94d3f412c09f6d1efd51199f2f", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/samtools/samtools/security/advisories/GHSA-x86f-q6fj-cm43", "tags": ["Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "http://www.openwall.com/lists/oss-security/2026/03/18/12", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "SAMtools is a program for reading, manipulating and writing bioinformatics file formats. Starting in version 1.17, in the cram-size command, used to write information about how well CRAM files are compressed, a check to see if the `cram_decode_compression_header()` was missing. If the function returned an error, this could lead to a NULL pointer dereference. Exploiting this bug causes a NULL pointer dereference. Typically this will cause the program to crash. Versions 1.23.1, 1.22.2 and 1.21.1 include fixes for this issue. There is no workaround for this issue."}, {"lang": "es", "value": "SAMtools es un programa para leer, manipular y escribir formatos de archivo bioinform\u00e1ticos. A partir de la versi\u00f3n 1.17, en el comando cram-size, utilizado para escribir informaci\u00f3n sobre qu\u00e9 tan bien se comprimen los archivos CRAM, se omiti\u00f3 una comprobaci\u00f3n para ver si 'cram_decode_compression_header()' estaba ausente. Si la funci\u00f3n devolv\u00eda un error, esto podr\u00eda llevar a una desreferenciaci\u00f3n de puntero NULL. Explotar este error causa una desreferenciaci\u00f3n de puntero NULL. T\u00edpicamente, esto har\u00e1 que el programa falle. Las versiones 1.23.1, 1.22.2 y 1.21.1 incluyen correcciones para este problema. No hay una soluci\u00f3n alternativa para este problema."}], "lastModified": "2026-03-19T18:48:10.830", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:samtools:samtools:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2AAB5401-9187-4F27-A463-B52558DE6D9D", "versionEndIncluding": "1.21.1", "versionStartIncluding": "1.17"}, {"criteria": "cpe:2.3:a:samtools:samtools:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD12CAC6-5A57-435F-991C-FFA0DB2F3400", "versionEndExcluding": "1.22.2", "versionStartIncluding": "1.22"}, {"criteria": "cpe:2.3:a:samtools:samtools:1.23:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FAB480A-76D2-4850-B9D0-4D7F9C32B8C4"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}