Out-of-Bounds Read in sentry_transaction_context_set_operation()

在 NI LabVIEW 中发现了一个内存破坏漏洞 (CVE-2026-32863)，原因是 sentrytransactioncontextsetoperation() 函数中的越界读取。 此漏洞可能导致信息泄露或，更严重的是，任意代码执行。 此漏洞的 CVSS 评分是 7.8，表明存在重大风险。 该漏洞源于 LabVIEW 中内部数据处理不当，攻击者可能能够访问他们不应该访问的内存，从而损害系统完整性。 为了减轻此风险，必须更新到 26.1.1 或更高版本。

Organizations heavily reliant on NI LabVIEW for automation, data acquisition, or test and measurement applications are at significant risk. Specifically, environments where LabVIEW is used in critical infrastructure or industrial control systems are particularly vulnerable. Users who routinely open VI files from external sources or share LabVIEW projects with untrusted parties are also at increased risk.

• windows / c: Monitor for unusual process activity related to LabVIEW execution. Use Process Monitor to observe file access patterns and identify any attempts to open or execute suspicious VI files.

Get-Process -Name LabVIEW | Select-Object -ExpandProperty Path

• linux / server: Monitor system logs for errors or warnings related to memory access violations within LabVIEW processes. Use lsof to identify open files associated with LabVIEW and check for any unexpected or unauthorized files.

lsof | grep LabVIEW

• generic web: While this is a desktop application vulnerability, monitor web servers hosting LabVIEW-related files for unauthorized access attempts or suspicious file uploads. Check access logs for unusual patterns.

grep "LabVIEW" /var/log/apache2/access.log

1. 2026-04-07Disclosure

   disclosure

2. 2026-04-07Patch

   patch

1. 已保留2026-03-16
2. 发布日期2026-04-07
3. 修改日期2026-04-08
4. EPSS 更新日期2026-04-15

解决此漏洞的建议方法是更新到 NI LabVIEW 版本 26.1.1 或更高版本。 National Instruments (NI) 已发布此更新以修复根本问题。 在应用更新之前，请务必备份您的 LabVIEW 项目。 此外，请检查最近打开的 VI 文件，并在更新完成之前避免打开来自未知或不可信来源的文件。 监控系统是否存在异常活动也有助于识别潜在的利用尝试。