CWE-476
AllowedNULL Pointer Dereference
Abstraction: Base · Status: Stable
The product dereferences a pointer that it expects to be valid but is NULL.
6310 vulnerabilities reference this CWE, most recent first.
GHSA-962X-C789-66RF
Vulnerability from github – Published: 2022-05-24 17:28 – Updated: 2024-03-21 03:33libraw 20.0 has a null pointer dereference vulnerability in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent arbitrary code execution.
{
"affected": [],
"aliases": [
"CVE-2020-24890"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-09-16T15:15:00Z",
"severity": "MODERATE"
},
"details": "libraw 20.0 has a null pointer dereference vulnerability in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent arbitrary code execution.",
"id": "GHSA-962x-c789-66rf",
"modified": "2024-03-21T03:33:55Z",
"published": "2022-05-24T17:28:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24890"
},
{
"type": "WEB",
"url": "https://github.com/LibRaw/LibRaw/issues/335"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWHUZCRMGOC3QS6C65KWBM6ZJM25V6HI"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWHUZCRMGOC3QS6C65KWBM6ZJM25V6HI"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202010-05"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9633-355P-9WPX
Vulnerability from github – Published: 2025-05-01 15:31 – Updated: 2025-11-07 21:31In the Linux kernel, the following vulnerability has been resolved:
net: lan966x: Fix potential null-ptr-deref in lan966x_stats_init()
lan966x_stats_init() calls create_singlethread_workqueue() and not checked the ret value, which may return NULL. And a null-ptr-deref may happen:
lan966x_stats_init() create_singlethread_workqueue() # failed, lan966x->stats_queue is NULL queue_delayed_work() queue_delayed_work_on() __queue_delayed_work() # warning here, but continue __queue_work() # access wq->flags, null-ptr-deref
Check the ret value and return -ENOMEM if it is NULL.
{
"affected": [],
"aliases": [
"CVE-2022-49805"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-01T15:16:03Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: lan966x: Fix potential null-ptr-deref in lan966x_stats_init()\n\nlan966x_stats_init() calls create_singlethread_workqueue() and not\nchecked the ret value, which may return NULL. And a null-ptr-deref may\nhappen:\n\nlan966x_stats_init()\n create_singlethread_workqueue() # failed, lan966x-\u003estats_queue is NULL\n queue_delayed_work()\n queue_delayed_work_on()\n __queue_delayed_work() # warning here, but continue\n __queue_work() # access wq-\u003eflags, null-ptr-deref\n\nCheck the ret value and return -ENOMEM if it is NULL.",
"id": "GHSA-9633-355p-9wpx",
"modified": "2025-11-07T21:31:19Z",
"published": "2025-05-01T15:31:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49805"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4a43c1c6040e848e1344c7b16ac696b68fbc439c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ba86af3733aece88dbcee0dfebf7e2dcfefb2be4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9688-9JMC-XF77
Vulnerability from github – Published: 2026-01-07 12:31 – Updated: 2026-03-12 21:34A NULL Pointer Dereference vulnerability in TP-Link Archer BE400 V1(802.11 modules) allows
an adjacent attacker to cause a denial-of-service (DoS) by triggering a device reboot.
This issue affects Archer BE400: xi 1.1.0 Build 20250710 rel.14914.
{
"affected": [],
"aliases": [
"CVE-2025-14631"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-07T12:16:55Z",
"severity": "HIGH"
},
"details": "A NULL Pointer Dereference vulnerability in TP-Link Archer BE400 V1(802.11 modules) allows\u00a0\n\nan adjacent attacker to cause a denial-of-service (DoS) by triggering a device reboot.\n\nThis issue affects Archer BE400: xi 1.1.0 Build 20250710 rel.14914.",
"id": "GHSA-9688-9jmc-xf77",
"modified": "2026-03-12T21:34:39Z",
"published": "2026-01-07T12:31:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14631"
},
{
"type": "WEB",
"url": "https://www.tp-link.com/en/support/download/archer-be400/v1/#Firmware"
},
{
"type": "WEB",
"url": "https://www.tp-link.com/us/support/download/archer-be400/#Firmware"
},
{
"type": "WEB",
"url": "https://www.tp-link.com/us/support/faq/4871"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-968H-6229-65GG
Vulnerability from github – Published: 2024-07-12 15:31 – Updated: 2025-11-04 00:30In the Linux kernel, the following vulnerability has been resolved:
seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors
input_action_end_dx4() and input_action_end_dx6() are called NF_HOOK() for PREROUTING hook, in PREROUTING hook, we should passing a valid indev, and a NULL outdev to NF_HOOK(), otherwise may trigger a NULL pointer dereference, as below:
[74830.647293] BUG: kernel NULL pointer dereference, address: 0000000000000090
[74830.655633] #PF: supervisor read access in kernel mode
[74830.657888] #PF: error_code(0x0000) - not-present page
[74830.659500] PGD 0 P4D 0
[74830.660450] Oops: 0000 [#1] PREEMPT SMP PTI
...
[74830.664953] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[74830.666569] RIP: 0010:rpfilter_mt+0x44/0x15e [ipt_rpfilter]
...
[74830.689725] Call Trace:
[74830.690402] <IRQ>
[74830.690953] ? show_trace_log_lvl+0x1c4/0x2df
[74830.692020] ? show_trace_log_lvl+0x1c4/0x2df
[74830.693095] ? ipt_do_table+0x286/0x710 [ip_tables]
[74830.694275] ? __die_body.cold+0x8/0xd
[74830.695205] ? page_fault_oops+0xac/0x140
[74830.696244] ? exc_page_fault+0x62/0x150
[74830.697225] ? asm_exc_page_fault+0x22/0x30
[74830.698344] ? rpfilter_mt+0x44/0x15e [ipt_rpfilter]
[74830.699540] ipt_do_table+0x286/0x710 [ip_tables]
[74830.700758] ? ip6_route_input+0x19d/0x240
[74830.701752] nf_hook_slow+0x3f/0xb0
[74830.702678] input_action_end_dx4+0x19b/0x1e0
[74830.703735] ? input_action_end_t+0xe0/0xe0
[74830.704734] seg6_local_input_core+0x2d/0x60
[74830.705782] lwtunnel_input+0x5b/0xb0
[74830.706690] __netif_receive_skb_one_core+0x63/0xa0
[74830.707825] process_backlog+0x99/0x140
[74830.709538] __napi_poll+0x2c/0x160
[74830.710673] net_rx_action+0x296/0x350
[74830.711860] __do_softirq+0xcb/0x2ac
[74830.713049] do_softirq+0x63/0x90
input_action_end_dx4() passing a NULL indev to NF_HOOK(), and finally trigger a NULL dereference in rpfilter_mt()->rpfilter_is_loopback():
static bool
rpfilter_is_loopback(const struct sk_buff *skb,
const struct net_device *in)
{
// in is NULL
return skb->pkt_type == PACKET_LOOPBACK ||
in->flags & IFF_LOOPBACK;
}
{
"affected": [],
"aliases": [
"CVE-2024-40957"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-12T13:15:17Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nseg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors\n\ninput_action_end_dx4() and input_action_end_dx6() are called NF_HOOK() for\nPREROUTING hook, in PREROUTING hook, we should passing a valid indev,\nand a NULL outdev to NF_HOOK(), otherwise may trigger a NULL pointer\ndereference, as below:\n\n [74830.647293] BUG: kernel NULL pointer dereference, address: 0000000000000090\n [74830.655633] #PF: supervisor read access in kernel mode\n [74830.657888] #PF: error_code(0x0000) - not-present page\n [74830.659500] PGD 0 P4D 0\n [74830.660450] Oops: 0000 [#1] PREEMPT SMP PTI\n ...\n [74830.664953] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011\n [74830.666569] RIP: 0010:rpfilter_mt+0x44/0x15e [ipt_rpfilter]\n ...\n [74830.689725] Call Trace:\n [74830.690402] \u003cIRQ\u003e\n [74830.690953] ? show_trace_log_lvl+0x1c4/0x2df\n [74830.692020] ? show_trace_log_lvl+0x1c4/0x2df\n [74830.693095] ? ipt_do_table+0x286/0x710 [ip_tables]\n [74830.694275] ? __die_body.cold+0x8/0xd\n [74830.695205] ? page_fault_oops+0xac/0x140\n [74830.696244] ? exc_page_fault+0x62/0x150\n [74830.697225] ? asm_exc_page_fault+0x22/0x30\n [74830.698344] ? rpfilter_mt+0x44/0x15e [ipt_rpfilter]\n [74830.699540] ipt_do_table+0x286/0x710 [ip_tables]\n [74830.700758] ? ip6_route_input+0x19d/0x240\n [74830.701752] nf_hook_slow+0x3f/0xb0\n [74830.702678] input_action_end_dx4+0x19b/0x1e0\n [74830.703735] ? input_action_end_t+0xe0/0xe0\n [74830.704734] seg6_local_input_core+0x2d/0x60\n [74830.705782] lwtunnel_input+0x5b/0xb0\n [74830.706690] __netif_receive_skb_one_core+0x63/0xa0\n [74830.707825] process_backlog+0x99/0x140\n [74830.709538] __napi_poll+0x2c/0x160\n [74830.710673] net_rx_action+0x296/0x350\n [74830.711860] __do_softirq+0xcb/0x2ac\n [74830.713049] do_softirq+0x63/0x90\n\ninput_action_end_dx4() passing a NULL indev to NF_HOOK(), and finally\ntrigger a NULL dereference in rpfilter_mt()-\u003erpfilter_is_loopback():\n\n static bool\n rpfilter_is_loopback(const struct sk_buff *skb,\n \t const struct net_device *in)\n {\n // in is NULL\n return skb-\u003epkt_type == PACKET_LOOPBACK ||\n \t in-\u003eflags \u0026 IFF_LOOPBACK;\n }",
"id": "GHSA-968h-6229-65gg",
"modified": "2025-11-04T00:30:55Z",
"published": "2024-07-12T15:31:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40957"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/561475d53aa7e4511ee7cdba8728ded81cf1db1c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9a3bc8d16e0aacd65c31aaf23a2bced3288a7779"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/af90e3d73dc45778767b2fb6e7edd57ebe34380d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d62df86c172033679d744f07d89e93e367dd11f6"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ec4d970b597ee5e17b0d8d73b7875197ce9a04d4"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-96F2-8M7P-Q7J4
Vulnerability from github – Published: 2026-04-03 18:31 – Updated: 2026-05-20 15:35In the Linux kernel, the following vulnerability has been resolved:
mac80211: fix crash in ieee80211_chan_bw_change for AP_VLAN stations
ieee80211_chan_bw_change() iterates all stations and accesses link->reserved.oper via sta->sdata->link[link_id]. For stations on AP_VLAN interfaces (e.g. 4addr WDS clients), sta->sdata points to the VLAN sdata, whose link never participates in chanctx reservations. This leaves link->reserved.oper zero-initialized with chan == NULL, causing a NULL pointer dereference in __ieee80211_sta_cap_rx_bw() when accessing chandef->chan->band during CSA.
Resolve the VLAN sdata to its parent AP sdata using get_bss_sdata() before accessing link data.
[also change sta->sdata in ARRAY_SIZE even if it doesn't matter]
{
"affected": [],
"aliases": [
"CVE-2026-31394"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-03T16:16:37Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac80211: fix crash in ieee80211_chan_bw_change for AP_VLAN stations\n\nieee80211_chan_bw_change() iterates all stations and accesses\nlink-\u003ereserved.oper via sta-\u003esdata-\u003elink[link_id]. For stations on\nAP_VLAN interfaces (e.g. 4addr WDS clients), sta-\u003esdata points to\nthe VLAN sdata, whose link never participates in chanctx reservations.\nThis leaves link-\u003ereserved.oper zero-initialized with chan == NULL,\ncausing a NULL pointer dereference in __ieee80211_sta_cap_rx_bw()\nwhen accessing chandef-\u003echan-\u003eband during CSA.\n\nResolve the VLAN sdata to its parent AP sdata using get_bss_sdata()\nbefore accessing link data.\n\n[also change sta-\u003esdata in ARRAY_SIZE even if it doesn\u0027t matter]",
"id": "GHSA-96f2-8m7p-q7j4",
"modified": "2026-05-20T15:35:22Z",
"published": "2026-04-03T18:31:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31394"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3c6629e859a2211a1fbb4868f915413f80001ca5"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5a86d4e920d9783a198e39cf53f0e410fba5fbd6"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/65c25b588994dd422fea73fa322de56e1ae4a33b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/672e5229e1ecfc2a3509b53adcb914d8b024a853"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-96HJ-65HM-4XJF
Vulnerability from github – Published: 2022-05-14 01:30 – Updated: 2022-05-14 01:30An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. A NULL pointer dereference occurs for an "empty" nick.
{
"affected": [],
"aliases": [
"CVE-2018-7050"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-02-15T20:29:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. A NULL pointer dereference occurs for an \"empty\" nick.",
"id": "GHSA-96hj-65hm-4xjf",
"modified": "2022-05-14T01:30:10Z",
"published": "2022-05-14T01:30:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7050"
},
{
"type": "WEB",
"url": "https://irssi.org/security/irssi_sa_2018_02.txt"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3590-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2018/dsa-4162"
},
{
"type": "WEB",
"url": "http://openwall.com/lists/oss-security/2018/02/15/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-96MJ-4FV4-G633
Vulnerability from github – Published: 2025-09-15 15:31 – Updated: 2025-12-03 21:31In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: install stub fence into potential unused fence pointers
When using cpu to update page tables, vm update fences are unused. Install stub fence into these fence pointers instead of NULL to avoid NULL dereference when calling dma_fence_wait() on them.
{
"affected": [],
"aliases": [
"CVE-2023-53248"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-15T15:15:52Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: install stub fence into potential unused fence pointers\n\nWhen using cpu to update page tables, vm update fences are unused.\nInstall stub fence into these fence pointers instead of NULL\nto avoid NULL dereference when calling dma_fence_wait() on them.",
"id": "GHSA-96mj-4fv4-g633",
"modified": "2025-12-03T21:31:00Z",
"published": "2025-09-15T15:31:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53248"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/187916e6ed9d0c3b3abc27429f7a5f8c936bd1f0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/78b25110eb8c6990f7f5096bc0136c12a2b4cc99"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/aa9e9ba5748c524eb0925a2ef6984b78793646d6"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-96Q3-68GV-9R3H
Vulnerability from github – Published: 2026-05-06 12:30 – Updated: 2026-05-08 15:31In the Linux kernel, the following vulnerability has been resolved:
media: chips-media: wave5: Fix Null reference while testing fluster
When multi instances are created/destroyed, many interrupts happens and structures for decoder are removed. "struct vpu_instance" this structure is shared for all flow in the decoder, so if the structure is not protected by lock, Null dereference could happens sometimes. IRQ Handler was spilt to two phases and Lock was added as well.
{
"affected": [],
"aliases": [
"CVE-2026-43263"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-06T12:16:47Z",
"severity": "HIGH"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: chips-media: wave5: Fix Null reference while testing fluster\n\nWhen multi instances are created/destroyed, many interrupts happens\nand structures for decoder are removed.\n\"struct vpu_instance\" this structure is shared for all flow in the decoder,\nso if the structure is not protected by lock, Null dereference\ncould happens sometimes.\nIRQ Handler was spilt to two phases and Lock was added as well.",
"id": "GHSA-96q3-68gv-9r3h",
"modified": "2026-05-08T15:31:18Z",
"published": "2026-05-06T12:30:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43263"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d12bcf183ec7da4305d848068d15f18044eaf62a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e66ff2b08e4ee1c4d3b84f24818e5bcc178cc3a4"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ea316b784fe6a61b29131c98cddb24e651b1dcbc"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-96RF-5R43-949P
Vulnerability from github – Published: 2022-05-24 16:43 – Updated: 2022-10-07 18:15libavcodec/hevcdec.c in FFmpeg 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data.
{
"affected": [],
"aliases": [
"CVE-2019-11338"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-04-19T00:29:00Z",
"severity": "HIGH"
},
"details": "libavcodec/hevcdec.c in FFmpeg 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data.",
"id": "GHSA-96rf-5r43-949p",
"modified": "2022-10-07T18:15:43Z",
"published": "2022-05-24T16:43:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11338"
},
{
"type": "WEB",
"url": "https://github.com/FFmpeg/FFmpeg/commit/54655623a82632e7624714d7b2a3e039dc5faa7e"
},
{
"type": "WEB",
"url": "https://github.com/FFmpeg/FFmpeg/commit/9ccc633068c6fe76989f487c8932bd11886ad65b"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00043.html"
},
{
"type": "WEB",
"url": "https://seclists.org/bugtraq/2019/May/60"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3967-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4431-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2019/dsa-4449"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00012.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/108034"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-96VP-7VCR-RP4H
Vulnerability from github – Published: 2022-05-24 22:00 – Updated: 2022-05-24 22:00interface_release_resource in hw/display/qxl.c in QEMU 4.0.0 has a NULL pointer dereference.
{
"affected": [],
"aliases": [
"CVE-2019-12155"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-05-24T16:29:00Z",
"severity": "HIGH"
},
"details": "interface_release_resource in hw/display/qxl.c in QEMU 4.0.0 has a NULL pointer dereference.",
"id": "GHSA-96vp-7vcr-rp4h",
"modified": "2022-05-24T22:00:00Z",
"published": "2022-05-24T22:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12155"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2019/dsa-4454"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4191-2"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4191-1"
},
{
"type": "WEB",
"url": "https://seclists.org/bugtraq/2019/May/76"
},
{
"type": "WEB",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2019-05/msg01321.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVDHJB2QKXNDU7OFXIHIL5O5VN5QCSZL"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BOE3PVFPMWMXV3DGP2R3XIHAF2ZQU3FS"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html"
},
{
"type": "WEB",
"url": "https://git.qemu.org/?p=qemu.git;a=commit;h=3be7eb2f47bf71db5f80fcf8750ea395dd5ffdd2"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:4344"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:3787"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:3742"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:3345"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:3179"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:2892"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:2607"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHBA-2019:3723"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00000.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00008.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2019/05/22/1"
}
],
"schema_version": "1.4.0",
"severity": []
}
Mitigation MIT-56
For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].
Mitigation
Select a programming language that is not susceptible to these issues.
Mitigation
Check the results of all functions that return a value and verify that the value is non-null before acting upon it.
Mitigation
Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Mitigation
Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.
No CAPEC attack patterns related to this CWE.