CWE-476
AllowedNULL Pointer Dereference
Abstraction: Base · Status: Stable
The product dereferences a pointer that it expects to be valid but is NULL.
6310 vulnerabilities reference this CWE, most recent first.
GHSA-C69P-28R6-Q952
Vulnerability from github – Published: 2022-05-24 17:18 – Updated: 2024-04-01 15:30A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage pool based on its target path. In more detail, this flaw affects storage pools created without a target path such as network-based pools like gluster and RBD. Unprivileged users with a read-only connection could abuse this flaw to crash the libvirt daemon, resulting in a potential denial of service.
{
"affected": [],
"aliases": [
"CVE-2020-10703"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-06-02T13:15:00Z",
"severity": "MODERATE"
},
"details": "A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage pool based on its target path. In more detail, this flaw affects storage pools created without a target path such as network-based pools like gluster and RBD. Unprivileged users with a read-only connection could abuse this flaw to crash the libvirt daemon, resulting in a potential denial of service.",
"id": "GHSA-c69p-28r6-q952",
"modified": "2024-04-01T15:30:27Z",
"published": "2022-05-24T17:18:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10703"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1790725"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10703"
},
{
"type": "WEB",
"url": "https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=5d5c732d748d644ec14626bce448e84bdc4bd93e"
},
{
"type": "WEB",
"url": "https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=7aa0e8c0cb8a6293d0c6f7e3d29c13b96dec2129"
},
{
"type": "WEB",
"url": "https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=dfff16a7c261f8d28e3abe60a47165f845fa952f"
},
{
"type": "WEB",
"url": "https://libvirt.org/git/?p=libvirt.git;a=commit;h=5d5c732d748d644ec14626bce448e84bdc4bd93e"
},
{
"type": "WEB",
"url": "https://libvirt.org/git/?p=libvirt.git;a=commit;h=7aa0e8c0cb8a6293d0c6f7e3d29c13b96dec2129"
},
{
"type": "WEB",
"url": "https://libvirt.org/git/?p=libvirt.git;a=commit;h=dfff16a7c261f8d28e3abe60a47165f845fa952f"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D5GE6ISYUL3CIWO3FQRUGMKTKP2NYED2"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5GE6ISYUL3CIWO3FQRUGMKTKP2NYED2"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20200608-0005"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C6C6-9C6X-QJ3G
Vulnerability from github – Published: 2023-08-11 15:30 – Updated: 2024-04-04 06:52An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0, allows local attackers to cause a denial of service (DoS) (Null Pointer Dereference).
{
"affected": [],
"aliases": [
"CVE-2020-24187"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-08-11T14:15:10Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0, allows local attackers to cause a denial of service (DoS) (Null Pointer Dereference).",
"id": "GHSA-c6c6-9c6x-qj3g",
"modified": "2024-04-04T06:52:33Z",
"published": "2023-08-11T15:30:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24187"
},
{
"type": "WEB",
"url": "https://github.com/jerryscript-project/jerryscript/issues/4076"
},
{
"type": "WEB",
"url": "https://github.com/Aurorainfinity/Poc/tree/master/jerryscript/NULL-dereference-ecma_get_lex_env_type"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C6H3-G88W-QCM8
Vulnerability from github – Published: 2024-05-01 06:31 – Updated: 2024-06-03 18:55In the Linux kernel, the following vulnerability has been resolved:
drm/vmwgfx: Fix possible null pointer derefence with invalid contexts
vmw_context_cotable can return either an error or a null pointer and its usage sometimes went unchecked. Subsequent code would then try to access either a null pointer or an error value.
The invalid dereferences were only possible with malformed userspace apps which never properly initialized the rendering contexts.
Check the results of vmw_context_cotable to fix the invalid derefs.
Thanks: ziming zhang(@ezrak1e) from Ant Group Light-Year Security Lab who was the first person to discover it. Niels De Graef who reported it and helped to track down the poc.
{
"affected": [],
"aliases": [
"CVE-2024-26979"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-01T06:15:15Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Fix possible null pointer derefence with invalid contexts\n\nvmw_context_cotable can return either an error or a null pointer and its\nusage sometimes went unchecked. Subsequent code would then try to access\neither a null pointer or an error value.\n\nThe invalid dereferences were only possible with malformed userspace\napps which never properly initialized the rendering contexts.\n\nCheck the results of vmw_context_cotable to fix the invalid derefs.\n\nThanks:\nziming zhang(@ezrak1e) from Ant Group Light-Year Security Lab\nwho was the first person to discover it.\nNiels De Graef who reported it and helped to track down the poc.",
"id": "GHSA-c6h3-g88w-qcm8",
"modified": "2024-06-03T18:55:51Z",
"published": "2024-05-01T06:31:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26979"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/07c3fe923ff7eccf684fb4f8c953d0a7cc8ded73"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/517621b7060096e48e42f545fa6646fc00252eac"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/585fec7361e7850bead21fada49a7fcde2f2e791"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/899e154f9546fcae18065d74064889d08fff62c2"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9cb3755b1e3680b720b74dbedfac889e904605c7"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c560327d900bab968c2e1b4cd7fa2d46cd429e3d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ff41e0d4f3fa10d7cdd7d40f8026bea9fcc8b000"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C6JQ-H4JP-72PR
Vulnerability from github – Published: 2019-07-26 16:10 – Updated: 2024-09-04 20:26aubio v0.4.0 to v0.4.8 has a new_aubio_onset NULL pointer dereference in new_aubio_notes function within src/notes/notes.c.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "aubio"
},
"ranges": [
{
"events": [
{
"introduced": "0.4.0"
},
{
"fixed": "0.4.9"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2018-19802"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": true,
"github_reviewed_at": "2019-07-25T16:08:26Z",
"nvd_published_at": "2019-06-07T17:29:00Z",
"severity": "HIGH"
},
"details": "aubio v0.4.0 to v0.4.8 has a new_aubio_onset NULL pointer dereference in `new_aubio_notes` function within `src/notes/notes.c`.",
"id": "GHSA-c6jq-h4jp-72pr",
"modified": "2024-09-04T20:26:30Z",
"published": "2019-07-26T16:10:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19802"
},
{
"type": "WEB",
"url": "https://github.com/aubio/aubio/commit/c5ee1307bdc004e43302abeca1802c2692b33a8e"
},
{
"type": "PACKAGE",
"url": "https://github.com/aubio/aubio"
},
{
"type": "WEB",
"url": "https://github.com/aubio/aubio/blob/0.4.9/ChangeLog"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/aubio/PYSEC-2019-164.yaml"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IYIKPYXZIWYWWNNORSKWRCFFCP6AFMRZ"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OHIRMWW4JQ6UHJK4AVBJLFRLE2TPKC2W"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00063.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00067.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00003.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00012.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Aubio is vulnerable to a NULL pointer dereference in new_aubio_notes function"
}
GHSA-C6PR-P5HF-W49P
Vulnerability from github – Published: 2022-05-17 02:35 – Updated: 2022-05-17 02:35OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character.
{
"affected": [],
"aliases": [
"CVE-2017-7522"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-06-27T13:29:00Z",
"severity": "MODERATE"
},
"details": "OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character.",
"id": "GHSA-c6pr-p5hf-w49p",
"modified": "2022-05-17T02:35:50Z",
"published": "2022-05-17T02:35:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7522"
},
{
"type": "WEB",
"url": "https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/99230"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1038768"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C6QX-HFCQ-G673
Vulnerability from github – Published: 2024-03-20 15:32 – Updated: 2024-08-15 18:31Null Pointer Dereference vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the J2KImageToFIBITMAP() function when reading images in J2K format.
{
"affected": [],
"aliases": [
"CVE-2024-28584"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-20T06:15:12Z",
"severity": "LOW"
},
"details": "Null Pointer Dereference vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the J2KImageToFIBITMAP() function when reading images in J2K format.",
"id": "GHSA-c6qx-hfcq-g673",
"modified": "2024-08-15T18:31:43Z",
"published": "2024-03-20T15:32:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28584"
},
{
"type": "WEB",
"url": "https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2024/04/11/10"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2024/04/11/2"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2024/04/11/3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-C6WP-8JC6-MJM8
Vulnerability from github – Published: 2022-01-07 00:00 – Updated: 2023-05-27 06:30A Pointer Dereference vulnerability exists in GPAC 1.0.1 in unlink_chunk.isra, which causes a Denial of Service (context-dependent).
{
"affected": [],
"aliases": [
"CVE-2021-46038"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-05T23:15:00Z",
"severity": "MODERATE"
},
"details": "A Pointer Dereference vulnerability exists in GPAC 1.0.1 in unlink_chunk.isra, which causes a Denial of Service (context-dependent).",
"id": "GHSA-c6wp-8jc6-mjm8",
"modified": "2023-05-27T06:30:36Z",
"published": "2022-01-07T00:00:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46038"
},
{
"type": "WEB",
"url": "https://github.com/gpac/gpac/issues/2000"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2023/dsa-5411"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C6WV-24CX-JXCG
Vulnerability from github – Published: 2022-07-27 00:00 – Updated: 2022-07-29 00:00An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in nasm_parser_directive() in modules/parsers/nasm/nasm-parse.c.
{
"affected": [],
"aliases": [
"CVE-2021-33459"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-26T13:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in nasm_parser_directive() in modules/parsers/nasm/nasm-parse.c.",
"id": "GHSA-c6wv-24cx-jxcg",
"modified": "2022-07-29T00:00:34Z",
"published": "2022-07-27T00:00:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33459"
},
{
"type": "WEB",
"url": "https://github.com/yasm/yasm/issues/167"
},
{
"type": "WEB",
"url": "https://gist.github.com/Clingto/bb632c0c463f4b2c97e4f65f751c5e6d"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C73W-7V4M-X2GX
Vulnerability from github – Published: 2022-05-14 00:55 – Updated: 2022-05-14 00:55In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Selector_List::populate_extends in SharedPtr.hpp (used by ast.cpp and ast_selectors.cpp) may cause a Denial of Service (application crash) via a crafted sass input file.
{
"affected": [],
"aliases": [
"CVE-2018-19797"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-12-03T06:29:00Z",
"severity": "MODERATE"
},
"details": "In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Selector_List::populate_extends in SharedPtr.hpp (used by ast.cpp and ast_selectors.cpp) may cause a Denial of Service (application crash) via a crafted sass input file.",
"id": "GHSA-c73w-7v4m-x2gx",
"modified": "2022-05-14T00:55:57Z",
"published": "2022-05-14T00:55:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19797"
},
{
"type": "WEB",
"url": "https://github.com/sass/libsass/issues/2779"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00047.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00051.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00027.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C753-VQF3-VJXH
Vulnerability from github – Published: 2022-05-13 01:08 – Updated: 2022-05-13 01:08In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c.
{
"affected": [],
"aliases": [
"CVE-2018-8740"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-03-17T00:29:00Z",
"severity": "HIGH"
},
"details": "In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c.",
"id": "GHSA-c753-vqf3-vjxh",
"modified": "2022-05-13T01:08:59Z",
"published": "2022-05-13T01:08:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8740"
},
{
"type": "WEB",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6964"
},
{
"type": "WEB",
"url": "https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1756349"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00009.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00022.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PU4NZ6DDU4BEM3ACM3FM6GLEPX56ZQXK"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4205-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4394-1"
},
{
"type": "WEB",
"url": "https://www.sqlite.org/cgi/src/timeline?r=corrupt-schema"
},
{
"type": "WEB",
"url": "https://www.sqlite.org/cgi/src/vdiff?from=1774f1c3baf0bc3d\u0026to=d75e67654aa9620b"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00050.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/103466"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-56
For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].
Mitigation
Select a programming language that is not susceptible to these issues.
Mitigation
Check the results of all functions that return a value and verify that the value is non-null before acting upon it.
Mitigation
Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Mitigation
Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.
No CAPEC attack patterns related to this CWE.