Common Weakness Enumeration

CWE-476

Allowed

NULL Pointer Dereference

Abstraction: Base · Status: Stable

The product dereferences a pointer that it expects to be valid but is NULL.

6310 vulnerabilities reference this CWE, most recent first.

GHSA-92XV-MW29-X4PX

Vulnerability from github – Published: 2026-04-09 18:31 – Updated: 2026-06-30 03:36
VLAI
Details

A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key (PSK) binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the server to crash and resulting in a remote Denial of Service (DoS) condition.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-1584"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-09T18:16:44Z",
    "severity": "HIGH"
  },
  "details": "A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key (PSK) binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the server to crash and resulting in a remote Denial of Service (DoS) condition.",
  "id": "GHSA-92xv-mw29-x4px",
  "modified": "2026-06-30T03:36:15Z",
  "published": "2026-04-09T18:31:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1584"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:7477"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2026-1584"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2435258"
    },
    {
      "type": "WEB",
      "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1584.json"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9349-JQWW-WH9M

Vulnerability from github – Published: 2026-05-08 15:31 – Updated: 2026-05-21 18:33
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amdkfd: Unreserve bo if queue update failed

Error handling path should unreserve bo then return failed.

(cherry picked from commit c24afed7de9ecce341825d8ab55a43a254348b33)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-43444"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-08T15:16:56Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Unreserve bo if queue update failed\n\nError handling path should unreserve bo then return failed.\n\n(cherry picked from commit c24afed7de9ecce341825d8ab55a43a254348b33)",
  "id": "GHSA-9349-jqww-wh9m",
  "modified": "2026-05-21T18:33:06Z",
  "published": "2026-05-08T15:31:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43444"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2ce75a0b7e1bfddbcb9bc8aeb2e5e7fa99971acf"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/529c985da1b277b36dc99aad660f96dc70f3c467"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/781110700ada22168fbb490dd61432d23a17a5b4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b2b7742c465c8e3b36dc325a48abb4b9f2aaa38b"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-934F-78HG-4M96

Vulnerability from github – Published: 2022-05-13 01:40 – Updated: 2022-05-13 01:40
VLAI
Details

A remote denial of service vulnerability in HevcUtils.cpp in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Low due to details specific to the vulnerability. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-35467107.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-0635"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-05-12T15:29:00Z",
    "severity": "HIGH"
  },
  "details": "A remote denial of service vulnerability in HevcUtils.cpp in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Low due to details specific to the vulnerability. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-35467107.",
  "id": "GHSA-934f-78hg-4m96",
  "modified": "2022-05-13T01:40:23Z",
  "published": "2022-05-13T01:40:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-0635"
    },
    {
      "type": "WEB",
      "url": "https://android.googlesource.com/platform/frameworks/av/+/523f6b49c1a2289161f40cf9fe80b92e592e9441"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/2017-05-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-934X-42XG-XXFR

Vulnerability from github – Published: 2022-05-17 02:52 – Updated: 2022-05-17 02:52
VLAI
Details

The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a zero-length EAP-PWD packet.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2015-8762"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-03-27T17:59:00Z",
    "severity": "MODERATE"
  },
  "details": "The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a zero-length EAP-PWD packet.",
  "id": "GHSA-934x-42xg-xxfr",
  "modified": "2022-05-17T02:52:49Z",
  "published": "2022-05-17T02:52:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8762"
    },
    {
      "type": "WEB",
      "url": "http://freeradius.org/security.html#eap-pwd-2015"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2016/01/08/7"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-938V-QRV3-MJ9Q

Vulnerability from github – Published: 2022-05-24 19:01 – Updated: 2022-05-24 19:01
VLAI
Details

Memory corruption during buffer allocation due to dereferencing session ctx pointer without checking if pointer is valid in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-11254"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-05-07T09:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Memory corruption during buffer allocation due to dereferencing session ctx pointer without checking if pointer is valid in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile",
  "id": "GHSA-938v-qrv3-mj9q",
  "modified": "2022-05-24T19:01:50Z",
  "published": "2022-05-24T19:01:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11254"
    },
    {
      "type": "WEB",
      "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-93H7-7GPH-6J69

Vulnerability from github – Published: 2026-06-08 18:31 – Updated: 2026-07-08 15:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

media: renesas: vsp1: Fix NULL pointer deref on module unload

When unloading the module on gen 4, we hit a NULL pointer dereference. This is caused by the cleanup code calling vsp1_drm_cleanup() where it should be calling vsp1_vspx_cleanup().

Fix this by checking the IP version and calling the drm or vspx function accordingly, the same way as the init code does.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-46310"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-08T17:16:49Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: renesas: vsp1: Fix NULL pointer deref on module unload\n\nWhen unloading the module on gen 4, we hit a NULL pointer dereference.\nThis is caused by the cleanup code calling vsp1_drm_cleanup() where it\nshould be calling vsp1_vspx_cleanup().\n\nFix this by checking the IP version and calling the drm or vspx function\naccordingly, the same way as the init code does.",
  "id": "GHSA-93h7-7gph-6j69",
  "modified": "2026-07-08T15:31:36Z",
  "published": "2026-06-08T18:31:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46310"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/58b1e9664d8f74d55d8411cc7a7b275a76a6f24f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bfb2081ba00afbbd15a5ed1ed1acdc3edeea5a98"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c4bb1515b26663e5230603892e67f2cc7df9f0ca"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-93JP-MHPG-689C

Vulnerability from github – Published: 2022-05-14 03:24 – Updated: 2022-05-14 03:24
VLAI
Details

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a NULL pointer dereference occurs which may lead to denial of service or possible escalation of privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-6250"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-04-02T16:29:00Z",
    "severity": "HIGH"
  },
  "details": "NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a NULL pointer dereference occurs which may lead to denial of service or possible escalation of privileges.",
  "id": "GHSA-93jp-mhpg-689c",
  "modified": "2022-05-14T03:24:11Z",
  "published": "2022-05-14T03:24:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6250"
    },
    {
      "type": "WEB",
      "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4649"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-93M5-M7H3-H2PM

Vulnerability from github – Published: 2022-05-17 02:44 – Updated: 2022-05-17 02:44
VLAI
Details

libav before 12.1 is vulnerable to an invalid read of size 1 due to NULL pointer dereferencing in the nsv_read_chunk function in libavformat/nsvdec.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-9051"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-05-18T06:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "libav before 12.1 is vulnerable to an invalid read of size 1 due to NULL pointer dereferencing in the nsv_read_chunk function in libavformat/nsvdec.c.",
  "id": "GHSA-93m5-m7h3-h2pm",
  "modified": "2022-05-17T02:44:00Z",
  "published": "2022-05-17T02:44:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9051"
    },
    {
      "type": "WEB",
      "url": "https://github.com/libav/libav/commit/fe6eea99efac66839052af547426518efd970b24"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.libav.org/show_bug.cgi?id=1039"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/98548"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-93MX-5V3M-4HCC

Vulnerability from github – Published: 2022-05-14 03:22 – Updated: 2022-05-14 03:22
VLAI
Details

The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2015-8898"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-03-15T19:59:00Z",
    "severity": "MODERATE"
  },
  "details": "The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image file.",
  "id": "GHSA-93mx-5v3m-4hcc",
  "modified": "2022-05-14T03:22:58Z",
  "published": "2022-05-14T03:22:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8898"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ImageMagick/ImageMagick/pull/34"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ImageMagick/ImageMagick/commit/5b4bebaa91849c592a8448bc353ab25a54ff8c44"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2016:1237"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/91039"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-93QP-M4M7-VJPW

Vulnerability from github – Published: 2022-02-17 00:00 – Updated: 2022-02-17 00:00
VLAI
Details

Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-23198"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-02-16T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
  "id": "GHSA-93qp-m4m7-vjpw",
  "modified": "2022-02-17T00:00:29Z",
  "published": "2022-02-17T00:00:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23198"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/illustrator/apsb22-07.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Mitigation MIT-56
Implementation

For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].

Mitigation
Requirements

Select a programming language that is not susceptible to these issues.

Mitigation
Implementation

Check the results of all functions that return a value and verify that the value is non-null before acting upon it.

Mitigation
Architecture and Design

Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.

Mitigation
Implementation

Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.

No CAPEC attack patterns related to this CWE.