Common Weakness Enumeration

CWE-476

Allowed

NULL Pointer Dereference

Abstraction: Base · Status: Stable

The product dereferences a pointer that it expects to be valid but is NULL.

6310 vulnerabilities reference this CWE, most recent first.

GHSA-9FM4-J993-VWRJ

Vulnerability from github – Published: 2024-11-09 12:30 – Updated: 2024-11-14 18:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

phy: qcom: qmp-usbc: fix NULL-deref on runtime suspend

Commit 413db06c05e7 ("phy: qcom-qmp-usb: clean up probe initialisation") removed most users of the platform device driver data from the qcom-qmp-usb driver, but mistakenly also removed the initialisation despite the data still being used in the runtime PM callbacks. This bug was later reproduced when the driver was copied to create the qmp-usbc driver.

Restore the driver data initialisation at probe to avoid a NULL-pointer dereference on runtime suspend.

Apparently no one uses runtime PM, which currently needs to be enabled manually through sysfs, with these drivers.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-50238"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-09T11:15:09Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: qcom: qmp-usbc: fix NULL-deref on runtime suspend\n\nCommit 413db06c05e7 (\"phy: qcom-qmp-usb: clean up probe initialisation\")\nremoved most users of the platform device driver data from the\nqcom-qmp-usb driver, but mistakenly also removed the initialisation\ndespite the data still being used in the runtime PM callbacks. This bug\nwas later reproduced when the driver was copied to create the qmp-usbc\ndriver.\n\nRestore the driver data initialisation at probe to avoid a NULL-pointer\ndereference on runtime suspend.\n\nApparently no one uses runtime PM, which currently needs to be enabled\nmanually through sysfs, with these drivers.",
  "id": "GHSA-9fm4-j993-vwrj",
  "modified": "2024-11-14T18:30:32Z",
  "published": "2024-11-09T12:30:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50238"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/34c21f94fa1e147a19b54b6adf0c93a623b70dd8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c7086dc0539b1b2b61c8c735186698bca4858246"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9FPW-7F22-7CM4

Vulnerability from github – Published: 2022-05-24 19:21 – Updated: 2022-05-24 19:21
VLAI
Details

Adobe Prelude version 10.1 (and earlier) is affected by a null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-40773"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-11-22T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Adobe Prelude version 10.1 (and earlier) is affected by a null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
  "id": "GHSA-9fpw-7f22-7cm4",
  "modified": "2022-05-24T19:21:11Z",
  "published": "2022-05-24T19:21:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-40773"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/prelude/apsb21-96.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-9FRR-F75V-8934

Vulnerability from github – Published: 2022-05-24 16:58 – Updated: 2024-04-04 02:20
VLAI
Details

Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListInspector::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::InspectFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4dump.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-17452"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-10-10T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListInspector::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::InspectFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4dump.",
  "id": "GHSA-9frr-f75v-8934",
  "modified": "2024-04-04T02:20:25Z",
  "published": "2022-05-24T16:58:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17452"
    },
    {
      "type": "WEB",
      "url": "https://github.com/axiomatic-systems/Bento4/issues/434"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9FV5-GJQQ-RC4H

Vulnerability from github – Published: 2022-05-24 19:11 – Updated: 2022-05-24 19:11
VLAI
Details

NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where a null pointer dereference may lead to complete denial of service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-1112"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-11T22:15:00Z",
    "severity": "MODERATE"
  },
  "details": "NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where a null pointer dereference may lead to complete denial of service.",
  "id": "GHSA-9fv5-gjqq-rc4h",
  "modified": "2022-05-24T19:11:02Z",
  "published": "2022-05-24T19:11:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1112"
    },
    {
      "type": "WEB",
      "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-9FX5-WC5Q-367P

Vulnerability from github – Published: 2022-05-13 01:27 – Updated: 2022-05-13 01:27
VLAI
Details

qh_core in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-13458"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-07-12T18:29:00Z",
    "severity": "MODERATE"
  },
  "details": "qh_core in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.",
  "id": "GHSA-9fx5-wc5q-367p",
  "modified": "2022-05-13T01:27:25Z",
  "published": "2022-05-13T01:27:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-13458"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/fakhrizulkifli/40f3daf52950cca6de28ebec2498ff6e"
    },
    {
      "type": "WEB",
      "url": "https://knowledge.opsview.com/v5.3/docs/whats-new"
    },
    {
      "type": "WEB",
      "url": "https://knowledge.opsview.com/v5.4/docs/whats-new"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/45082"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00014.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00022.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9FX9-J289-P7F2

Vulnerability from github – Published: 2024-02-27 09:31 – Updated: 2024-04-10 15:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

ixgbe: Fix NULL pointer dereference in ethtool loopback test

The ixgbe driver currently generates a NULL pointer dereference when performing the ethtool loopback test. This is due to the fact that there isn't a q_vector associated with the test ring when it is setup as interrupts are not normally added to the test rings.

To address this I have added code that will check for a q_vector before returning a napi_id value. If a q_vector is not present it will return a value of 0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-46916"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-27T07:15:08Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nixgbe: Fix NULL pointer dereference in ethtool loopback test\n\nThe ixgbe driver currently generates a NULL pointer dereference when\nperforming the ethtool loopback test. This is due to the fact that there\nisn\u0027t a q_vector associated with the test ring when it is setup as\ninterrupts are not normally added to the test rings.\n\nTo address this I have added code that will check for a q_vector before\nreturning a napi_id value. If a q_vector is not present it will return a\nvalue of 0.",
  "id": "GHSA-9fx9-j289-p7f2",
  "modified": "2024-04-10T15:30:31Z",
  "published": "2024-02-27T09:31:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46916"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/31166efb1cee348eb6314e9c0095d84cbeb66b9d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/758d19098df4b0bbca9f40d6ae6c82c9c18b9bba"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9G28-83M6-MVG3

Vulnerability from github – Published: 2026-06-15 21:30 – Updated: 2026-06-16 15:33
VLAI
Details

A NULL pointer dereference occurs in Roy Marples NetworkConfiguration/dhcpcd 10.3.0 while parsing configuration options. In parse_option() (src/if-options.c:1886), the code performs a member access on a NULL pointer of type 'struct dhcp_opt' when an unexpected/invalid option token or parsing state causes the lookup to yield NULL. The instrumented fuzzing build reports 'runtime error: member access within null pointer of type struct dhcp_opt' and aborts.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-70102"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-15T20:16:24Z",
    "severity": "MODERATE"
  },
  "details": "A NULL pointer dereference occurs in Roy Marples NetworkConfiguration/dhcpcd 10.3.0 while parsing configuration options. In parse_option() (src/if-options.c:1886), the code performs a member access on a NULL pointer of type \u0027struct dhcp_opt\u0027 when an unexpected/invalid option token or parsing state causes the lookup to yield NULL. The instrumented fuzzing build reports \u0027runtime error: member access within null pointer of type struct dhcp_opt\u0027 and aborts.",
  "id": "GHSA-9g28-83m6-mvg3",
  "modified": "2026-06-16T15:33:44Z",
  "published": "2026-06-15T21:30:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-70102"
    },
    {
      "type": "WEB",
      "url": "https://infosec.exchange/@sigdevel/116733594508542047"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9G3F-FGM8-4CGM

Vulnerability from github – Published: 2025-09-18 15:30 – Updated: 2025-12-11 18:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request

There are two check of 'mreplace' in raid10_sync_request(). In the first check, 'need_replace' will be set and 'mreplace' will be used later if no-Faulty 'mreplace' exists, In the second check, 'mreplace' will be set to NULL if it is Faulty, but 'need_replace' will not be changed accordingly. null-ptr-deref occurs if Faulty is set between two check.

Fix it by merging two checks into one. And replace 'need_replace' with 'mreplace' because their values are always the same.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-53380"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-18T14:15:40Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: fix null-ptr-deref of mreplace in raid10_sync_request\n\nThere are two check of \u0027mreplace\u0027 in raid10_sync_request(). In the first\ncheck, \u0027need_replace\u0027 will be set and \u0027mreplace\u0027 will be used later if\nno-Faulty \u0027mreplace\u0027 exists, In the second check, \u0027mreplace\u0027 will be\nset to NULL if it is Faulty, but \u0027need_replace\u0027 will not be changed\naccordingly. null-ptr-deref occurs if Faulty is set between two check.\n\nFix it by merging two checks into one. And replace \u0027need_replace\u0027 with\n\u0027mreplace\u0027 because their values are always the same.",
  "id": "GHSA-9g3f-fgm8-4cgm",
  "modified": "2025-12-11T18:30:33Z",
  "published": "2025-09-18T15:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53380"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/144c7fd008e0072b0b565f1157eec618de54ca8a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/222cc459d59857ee28a5366dc225ab42b22f9272"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2990e2ece18dd4cca71b3109c80517ad94adb065"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/34817a2441747b48e444cb0e05d84e14bc9443da"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/45fa023b3334a7ae6f6c4eb977295804222dfa28"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b5015b97adda6a24dd3e713c63e521ecbeff25c6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f4368a462b1f9a8ecc2fdb09a28c3d4cad302a4f"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9G3X-CH5W-33CH

Vulnerability from github – Published: 2026-03-24 06:31 – Updated: 2026-03-24 06:31
VLAI
Details

NULL Pointer Dereference vulnerability in tmate-io tmate.This issue affects tmate: before 2.4.0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-4751"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-24T06:16:23Z",
    "severity": "MODERATE"
  },
  "details": "NULL Pointer Dereference vulnerability in tmate-io tmate.This issue affects tmate: before 2.4.0.",
  "id": "GHSA-9g3x-ch5w-33ch",
  "modified": "2026-03-24T06:31:14Z",
  "published": "2026-03-24T06:31:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4751"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tmate-io/tmate/pull/328"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9G47-F5J6-VPFX

Vulnerability from github – Published: 2022-05-24 16:57 – Updated: 2024-04-04 02:05
VLAI
Details

In the wifi hotspot service, there is a possible denial of service due to a null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-110476382

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-9279"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-09-27T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "In the wifi hotspot service, there is a possible denial of service due to a null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-110476382",
  "id": "GHSA-9g47-f5j6-vpfx",
  "modified": "2024-04-04T02:05:02Z",
  "published": "2022-05-24T16:57:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9279"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/android-10"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-56
Implementation

For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].

Mitigation
Requirements

Select a programming language that is not susceptible to these issues.

Mitigation
Implementation

Check the results of all functions that return a value and verify that the value is non-null before acting upon it.

Mitigation
Architecture and Design

Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.

Mitigation
Implementation

Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.

No CAPEC attack patterns related to this CWE.