CWE-476
AllowedNULL Pointer Dereference
Abstraction: Base · Status: Stable
The product dereferences a pointer that it expects to be valid but is NULL.
6310 vulnerabilities reference this CWE, most recent first.
GHSA-C7JC-3F7R-J74W
Vulnerability from github – Published: 2022-05-24 16:53 – Updated: 2023-03-03 15:30An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.
{
"affected": [],
"aliases": [
"CVE-2019-15217"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-08-19T22:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.",
"id": "GHSA-c7jc-3f7r-j74w",
"modified": "2023-03-03T15:30:19Z",
"published": "2022-05-24T16:53:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15217"
},
{
"type": "WEB",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3"
},
{
"type": "WEB",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5d2e73a5f80a5b5aff3caf1ec6d39b5b3f54b26e"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20190905-0002"
},
{
"type": "WEB",
"url": "https://syzkaller.appspot.com/bug?id=9c0c178c24d828a7378f483309001329750aad64"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4147-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4286-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4286-2"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4302-1"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2019/08/20/2"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2019/08/22/2"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2019/08/22/3"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2019/08/22/4"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2019/08/22/5"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C7JG-HHPR-V5PQ
Vulnerability from github – Published: 2025-05-01 15:31 – Updated: 2025-05-07 15:31In the Linux kernel, the following vulnerability has been resolved:
bnxt_en: Fix possible crash in bnxt_hwrm_set_coal()
During the error recovery sequence, the rtnl_lock is not held for the entire duration and some datastructures may be freed during the sequence. Check for the BNXT_STATE_OPEN flag instead of netif_running() to ensure that the device is fully operational before proceeding to reconfigure the coalescing settings.
This will fix a possible crash like this:
BUG: unable to handle kernel NULL pointer dereference at 0000000000000000 PGD 0 P4D 0 Oops: 0000 [#1] SMP NOPTI CPU: 10 PID: 181276 Comm: ethtool Kdump: loaded Tainted: G IOE --------- - - 4.18.0-348.el8.x86_64 #1 Hardware name: Dell Inc. PowerEdge R740/0F9N89, BIOS 2.3.10 08/15/2019 RIP: 0010:bnxt_hwrm_set_coal+0x1fb/0x2a0 [bnxt_en] Code: c2 66 83 4e 22 08 66 89 46 1c e8 10 cb 00 00 41 83 c6 01 44 39 b3 68 01 00 00 0f 8e a3 00 00 00 48 8b 93 c8 00 00 00 49 63 c6 <48> 8b 2c c2 48 8b 85 b8 02 00 00 48 85 c0 74 2e 48 8b 74 24 08 f6 RSP: 0018:ffffb11c8dcaba50 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffff8d168a8b0ac0 RCX: 00000000000000c5 RDX: 0000000000000000 RSI: ffff8d162f72c000 RDI: ffff8d168a8b0b28 RBP: 0000000000000000 R08: b6e1f68a12e9a7eb R09: 0000000000000000 R10: 0000000000000001 R11: 0000000000000037 R12: ffff8d168a8b109c R13: ffff8d168a8b10aa R14: 0000000000000000 R15: ffffffffc01ac4e0 FS: 00007f3852e4c740(0000) GS:ffff8d24c0080000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 000000041b3ee003 CR4: 00000000007706e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: ethnl_set_coalesce+0x3ce/0x4c0 genl_family_rcv_msg_doit.isra.15+0x10f/0x150 genl_family_rcv_msg+0xb3/0x160 ? coalesce_fill_reply+0x480/0x480 genl_rcv_msg+0x47/0x90 ? genl_family_rcv_msg+0x160/0x160 netlink_rcv_skb+0x4c/0x120 genl_rcv+0x24/0x40 netlink_unicast+0x196/0x230 netlink_sendmsg+0x204/0x3d0 sock_sendmsg+0x4c/0x50 __sys_sendto+0xee/0x160 ? syscall_trace_enter+0x1d3/0x2c0 ? __audit_syscall_exit+0x249/0x2a0 __x64_sys_sendto+0x24/0x30 do_syscall_64+0x5b/0x1a0 entry_SYSCALL_64_after_hwframe+0x65/0xca RIP: 0033:0x7f38524163bb
{
"affected": [],
"aliases": [
"CVE-2022-49869"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-01T15:16:11Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix possible crash in bnxt_hwrm_set_coal()\n\nDuring the error recovery sequence, the rtnl_lock is not held for the\nentire duration and some datastructures may be freed during the sequence.\nCheck for the BNXT_STATE_OPEN flag instead of netif_running() to ensure\nthat the device is fully operational before proceeding to reconfigure\nthe coalescing settings.\n\nThis will fix a possible crash like this:\n\nBUG: unable to handle kernel NULL pointer dereference at 0000000000000000\nPGD 0 P4D 0\nOops: 0000 [#1] SMP NOPTI\nCPU: 10 PID: 181276 Comm: ethtool Kdump: loaded Tainted: G IOE --------- - - 4.18.0-348.el8.x86_64 #1\nHardware name: Dell Inc. PowerEdge R740/0F9N89, BIOS 2.3.10 08/15/2019\nRIP: 0010:bnxt_hwrm_set_coal+0x1fb/0x2a0 [bnxt_en]\nCode: c2 66 83 4e 22 08 66 89 46 1c e8 10 cb 00 00 41 83 c6 01 44 39 b3 68 01 00 00 0f 8e a3 00 00 00 48 8b 93 c8 00 00 00 49 63 c6 \u003c48\u003e 8b 2c c2 48 8b 85 b8 02 00 00 48 85 c0 74 2e 48 8b 74 24 08 f6\nRSP: 0018:ffffb11c8dcaba50 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff8d168a8b0ac0 RCX: 00000000000000c5\nRDX: 0000000000000000 RSI: ffff8d162f72c000 RDI: ffff8d168a8b0b28\nRBP: 0000000000000000 R08: b6e1f68a12e9a7eb R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000037 R12: ffff8d168a8b109c\nR13: ffff8d168a8b10aa R14: 0000000000000000 R15: ffffffffc01ac4e0\nFS: 00007f3852e4c740(0000) GS:ffff8d24c0080000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000000 CR3: 000000041b3ee003 CR4: 00000000007706e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n ethnl_set_coalesce+0x3ce/0x4c0\n genl_family_rcv_msg_doit.isra.15+0x10f/0x150\n genl_family_rcv_msg+0xb3/0x160\n ? coalesce_fill_reply+0x480/0x480\n genl_rcv_msg+0x47/0x90\n ? genl_family_rcv_msg+0x160/0x160\n netlink_rcv_skb+0x4c/0x120\n genl_rcv+0x24/0x40\n netlink_unicast+0x196/0x230\n netlink_sendmsg+0x204/0x3d0\n sock_sendmsg+0x4c/0x50\n __sys_sendto+0xee/0x160\n ? syscall_trace_enter+0x1d3/0x2c0\n ? __audit_syscall_exit+0x249/0x2a0\n __x64_sys_sendto+0x24/0x30\n do_syscall_64+0x5b/0x1a0\n entry_SYSCALL_64_after_hwframe+0x65/0xca\nRIP: 0033:0x7f38524163bb",
"id": "GHSA-c7jg-hhpr-v5pq",
"modified": "2025-05-07T15:31:25Z",
"published": "2025-05-01T15:31:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49869"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/38147073c96dce8c7e142ce0e5f305a420a729ba"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6d81ea3765dfa6c8a20822613c81edad1c4a16a0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7781e32984cde65549bedc3201537e253297c98d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a5a05fbef4a0dfe45fe03b2f1d02ba23aebf5384"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ac257c43fa615d22180916074feed803b8bb8cb0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C84W-J8MJ-57CH
Vulnerability from github – Published: 2024-05-22 09:31 – Updated: 2024-11-01 18:31In the Linux kernel, the following vulnerability has been resolved:
comedi: ni_usb6501: fix NULL-deref in command paths
The driver uses endpoint-sized USB transfer buffers but had no sanity checks on the sizes. This can lead to zero-size-pointer dereferences or overflowed transfer buffers in ni6501_port_command() and ni6501_counter_command() if a (malicious) device has smaller max-packet sizes than expected (or when doing descriptor fuzz testing).
Add the missing sanity checks to probe().
{
"affected": [],
"aliases": [
"CVE-2021-47476"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-22T09:15:09Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: ni_usb6501: fix NULL-deref in command paths\n\nThe driver uses endpoint-sized USB transfer buffers but had no sanity\nchecks on the sizes. This can lead to zero-size-pointer dereferences or\noverflowed transfer buffers in ni6501_port_command() and\nni6501_counter_command() if a (malicious) device has smaller max-packet\nsizes than expected (or when doing descriptor fuzz testing).\n\nAdd the missing sanity checks to probe().",
"id": "GHSA-c84w-j8mj-57ch",
"modified": "2024-11-01T18:31:26Z",
"published": "2024-05-22T09:31:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47476"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4a9d43cb5d5f39fa39fc1da438517004cc95f7ea"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/58478143771b20ab219937b1c30a706590a59224"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/907767da8f3a925b060c740e0b5c92ea7dbec440"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/aa39738423503825625853b643b9e99d11c23816"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b0156b7c9649d8f55a2ce3d3258509f1b2a181c3"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/bc51111bf6e8e7b6cc94b133e4c291273a16acd1"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d6a727a681a39ae4f73081a9bedb45d14f95bdd1"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/df7b1238f3b599a0b9284249772cdfd1ea83a632"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ef143dc0c3defe56730ecd3a9de7b3e1d7e557c1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C89W-7VG6-JWF8
Vulnerability from github – Published: 2024-05-14 18:30 – Updated: 2024-05-14 18:30An attacker who successfully exploited these vulnerabilities could cause the robot to stop, make the robot controller inaccessible.
The vulnerability could potentially be exploited to perform unauthorized actions by an attacker. This vulnerability arises under specific condition when specially crafted message is processed by the system.
Below are reported vulnerabilities in the Robot Ware versions.
- IRC5- RobotWare 6 < 6.15.06 except 6.10.10, and 6.13.07
- OmniCore- RobotWare 7 < 7.14
{
"affected": [],
"aliases": [
"CVE-2024-1914"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-14T16:16:03Z",
"severity": "MODERATE"
},
"details": "An attacker who successfully exploited these vulnerabilities could cause the robot to stop, make the robot controller inaccessible. \n\nThe vulnerability could potentially be exploited to perform unauthorized actions by an attacker. This vulnerability arises under specific condition when specially crafted message is processed by the system. \n\nBelow are reported vulnerabilities in the Robot Ware versions. \n\n* IRC5- RobotWare 6 \u003c 6.15.06 except 6.10.10, and 6.13.07 \n* OmniCore- RobotWare 7 \u003c 7.14",
"id": "GHSA-c89w-7vg6-jwf8",
"modified": "2024-05-14T18:30:58Z",
"published": "2024-05-14T18:30:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1914"
},
{
"type": "WEB",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=SI20330\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C8CV-8GR5-5V2W
Vulnerability from github – Published: 2023-05-27 00:30 – Updated: 2024-02-01 03:30There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem.
{
"affected": [],
"aliases": [
"CVE-2023-2898"
],
"database_specific": {
"cwe_ids": [
"CWE-362",
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-26T22:15:14Z",
"severity": "MODERATE"
},
"details": "There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem.",
"id": "GHSA-c8cv-8gr5-5v2w",
"modified": "2024-02-01T03:30:22Z",
"published": "2023-05-27T00:30:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2898"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"
},
{
"type": "WEB",
"url": "https://lore.kernel.org/linux-f2fs-devel/20230522124203.3838360-1-chao%40kernel.org"
},
{
"type": "WEB",
"url": "https://lore.kernel.org/linux-f2fs-devel/20230522124203.3838360-1-chao@kernel.org"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20230929-0002"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2023/dsa-5480"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2023/dsa-5492"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C8FP-FF95-66MV
Vulnerability from github – Published: 2026-05-27 15:33 – Updated: 2026-06-25 21:31In the Linux kernel, the following vulnerability has been resolved:
arm64/gcs: Fix error handling in arch_set_shadow_stack_status()
alloc_gcs() returns an error-encoded pointer on failure, which comes from do_mmap(), not NULL.
The current NULL check fails to detect errors, which could lead to using an invalid GCS address.
Use IS_ERR_VALUE() to properly detect errors, consistent with the check in gcs_alloc_thread_stack().
{
"affected": [],
"aliases": [
"CVE-2026-45876"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-27T14:17:01Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64/gcs: Fix error handling in arch_set_shadow_stack_status()\n\nalloc_gcs() returns an error-encoded pointer on failure, which comes\nfrom do_mmap(), not NULL.\n\nThe current NULL check fails to detect errors, which could lead to using\nan invalid GCS address.\n\nUse IS_ERR_VALUE() to properly detect errors, consistent with the\ncheck in gcs_alloc_thread_stack().",
"id": "GHSA-c8fp-ff95-66mv",
"modified": "2026-06-25T21:31:19Z",
"published": "2026-05-27T15:33:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45876"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/53c998527ffa60f9deda8974a11ad39790684159"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a4741114c9622346c4bbb8cc2bbd88153616ffaf"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c787a235deb33be6eda40beee8f561da5fd8cb8c"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C8GR-R48P-9GCW
Vulnerability from github – Published: 2025-10-28 15:30 – Updated: 2025-10-28 18:30FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.
{
"affected": [],
"aliases": [
"CVE-2025-61106"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-28T15:16:13Z",
"severity": "HIGH"
},
"details": "FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.",
"id": "GHSA-c8gr-r48p-9gcw",
"modified": "2025-10-28T18:30:28Z",
"published": "2025-10-28T15:30:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61106"
},
{
"type": "WEB",
"url": "https://github.com/FRRouting/frr/issues/19471"
},
{
"type": "WEB",
"url": "https://github.com/FRRouting/frr/pull/19480"
},
{
"type": "WEB",
"url": "https://github.com/FRRouting/frr/pull/19480/commits/fdd957408605d4a1766225630aafc7e6b7c3daf3"
},
{
"type": "WEB",
"url": "https://github.com/s1awwhy/BugList/blob/main/CVE-2025-61106.md"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C8H7-RW5F-PM89
Vulnerability from github – Published: 2023-05-10 15:30 – Updated: 2024-04-04 04:00Null pointer dereference for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access.
{
"affected": [],
"aliases": [
"CVE-2022-42878"
],
"database_specific": {
"cwe_ids": [
"CWE-395",
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-10T14:15:23Z",
"severity": "MODERATE"
},
"details": "Null pointer dereference for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access.",
"id": "GHSA-c8h7-rw5f-pm89",
"modified": "2024-04-04T04:00:01Z",
"published": "2023-05-10T15:30:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42878"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-C8MX-CCV3-H6HJ
Vulnerability from github – Published: 2022-05-24 19:15 – Updated: 2022-05-24 19:15An issue was discovered in pdftools through 20200714. A NULL pointer dereference exists in the function Analyze::AnalyzeRoot() located in analyze.cpp. It allows an attacker to cause Denial of Service.
{
"affected": [],
"aliases": [
"CVE-2021-39543"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-09-20T16:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in pdftools through 20200714. A NULL pointer dereference exists in the function Analyze::AnalyzeRoot() located in analyze.cpp. It allows an attacker to cause Denial of Service.",
"id": "GHSA-c8mx-ccv3-h6hj",
"modified": "2022-05-24T19:15:09Z",
"published": "2022-05-24T19:15:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39543"
},
{
"type": "WEB",
"url": "https://github.com/leonhad/pdftools/issues/1"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-C8PQ-47PF-5PGC
Vulnerability from github – Published: 2025-04-16 15:34 – Updated: 2025-04-29 21:31In the Linux kernel, the following vulnerability has been resolved:
staging: gpib: Fix Oops after disconnect in agilent usb
If the agilent usb dongle is disconnected subsequent calls to the driver cause a NULL dereference Oops as the bus_interface is set to NULL on disconnect.
This problem was introduced by setting usb_dev from the bus_interface for dev_xxx messages.
Previously bus_interface was checked for NULL only in the functions directly calling usb_fill_bulk_urb or usb_control_msg.
Check for valid bus_interface on all interface entry points and return -ENODEV if it is NULL.
{
"affected": [],
"aliases": [
"CVE-2025-22051"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-16T15:15:58Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: gpib: Fix Oops after disconnect in agilent usb\n\nIf the agilent usb dongle is disconnected subsequent calls to the\ndriver cause a NULL dereference Oops as the bus_interface\nis set to NULL on disconnect.\n\nThis problem was introduced by setting usb_dev from the bus_interface\nfor dev_xxx messages.\n\nPreviously bus_interface was checked for NULL only in the functions\ndirectly calling usb_fill_bulk_urb or usb_control_msg.\n\nCheck for valid bus_interface on all interface entry points\nand return -ENODEV if it is NULL.",
"id": "GHSA-c8pq-47pf-5pgc",
"modified": "2025-04-29T21:31:47Z",
"published": "2025-04-16T15:34:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22051"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/50ef6e45bec79da4c5a01fad4dc23466ba255099"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8491e73a5223acb0a4b4d78c3f8b96aa9c5e774d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e88633705078f40391a9afc6cc8ea3025e6f692b"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-56
For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].
Mitigation
Select a programming language that is not susceptible to these issues.
Mitigation
Check the results of all functions that return a value and verify that the value is non-null before acting upon it.
Mitigation
Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Mitigation
Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.
No CAPEC attack patterns related to this CWE.