Common Weakness Enumeration

CWE-476

Allowed

NULL Pointer Dereference

Abstraction: Base · Status: Stable

The product dereferences a pointer that it expects to be valid but is NULL.

6305 vulnerabilities reference this CWE, most recent first.

GHSA-C92G-P5CR-CR59

Vulnerability from github – Published: 2025-02-19 00:31 – Updated: 2025-02-21 00:31
VLAI
Details

FFmpeg git master before commit c08d30 was discovered to contain a NULL pointer dereference via the component libavformat/mov.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-25473"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-18T23:15:10Z",
    "severity": "MODERATE"
  },
  "details": "FFmpeg git master before commit c08d30 was discovered to contain a NULL pointer dereference via the component libavformat/mov.c.",
  "id": "GHSA-c92g-p5cr-cr59",
  "modified": "2025-02-21T00:31:08Z",
  "published": "2025-02-19T00:31:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25473"
    },
    {
      "type": "WEB",
      "url": "https://git.ffmpeg.org/gitweb/ffmpeg.git/blobdiff/4f3c9f2f03378a08692a26532bc3146414717f8c..c08d300481b8ebb846cd43a473988fdbc6793d1b:/libavformat/avformat.c"
    },
    {
      "type": "WEB",
      "url": "https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/c08d300481b8ebb846cd43a473988fdbc6793d1b"
    },
    {
      "type": "WEB",
      "url": "https://trac.ffmpeg.org/ticket/11419"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C92M-JH9P-PRMJ

Vulnerability from github – Published: 2022-09-25 00:00 – Updated: 2022-09-27 00:00
VLAI
Details

NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-3278"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-23T22:15:00Z",
    "severity": "MODERATE"
  },
  "details": "NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552.",
  "id": "GHSA-c92m-jh9p-prmj",
  "modified": "2022-09-27T00:00:18Z",
  "published": "2022-09-25T00:00:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3278"
    },
    {
      "type": "WEB",
      "url": "https://github.com/vim/vim/commit/69082916c8b5d321545d60b9f5facad0a2dd5a4e"
    },
    {
      "type": "WEB",
      "url": "https://huntr.dev/bounties/a9fad77e-f245-4ce9-ba15-c7d4c86c4612"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202305-16"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C938-F9VC-P38C

Vulnerability from github – Published: 2025-07-03 09:30 – Updated: 2025-12-17 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: ti: Add NULL check in udma_probe()

devm_kasprintf() returns NULL when memory allocation fails. Currently, udma_probe() does not check for this case, which results in a NULL pointer dereference.

Add NULL check after devm_kasprintf() to prevent this issue.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-38138"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-03T09:15:28Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: ti: Add NULL check in udma_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nudma_probe() does not check for this case, which results in a NULL\npointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
  "id": "GHSA-c938-f9vc-p38c",
  "modified": "2025-12-17T18:31:32Z",
  "published": "2025-07-03T09:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38138"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/643db430f4cbd91dd2b63c49d62d0abb6debc13b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9f133e04c62246353b8b1f0a679535c65161ebcf"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b79e10050d9d1e200541d25751dd5cb8ec58483c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bc6ddff79835f71310a21645d8fcf08ec473e969"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d61d5ba5bd5b0e39e30b34dcd92946e084bca0d0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ec1ea394c40523835bbedd8fc4934b77b461b6fe"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fd447415e74bccd7362f760d4ea727f8e1ebfe91"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C94R-CR76-MXJC

Vulnerability from github – Published: 2022-05-17 02:41 – Updated: 2022-05-17 02:41
VLAI
Details

b/libs/gui/ISurfaceComposer.cpp in Android allows attackers to trigger a denial of service (null pointer dereference and process crash).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2014-7919"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-06-08T20:29:00Z",
    "severity": "HIGH"
  },
  "details": "b/libs/gui/ISurfaceComposer.cpp in Android allows attackers to trigger a denial of service (null pointer dereference and process crash).",
  "id": "GHSA-c94r-cr76-mxjc",
  "modified": "2022-05-17T02:41:04Z",
  "published": "2022-05-17T02:41:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7919"
    },
    {
      "type": "WEB",
      "url": "https://github.com/alexpark07/Bookmark/issues/1"
    },
    {
      "type": "WEB",
      "url": "https://android.googlesource.com/platform/frameworks/native/+/ae33effd43a615183f089f0a216b5965e8104842%5E%21/#F0"
    },
    {
      "type": "WEB",
      "url": "https://github.com/alexpark07/Bookmark/blob/master/BugHunting.md"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/99014"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C954-449C-8JV4

Vulnerability from github – Published: 2023-02-28 21:30 – Updated: 2023-03-06 18:30
VLAI
Details

In the Linux kernel before 6.1.2, kernel/module/decompress.c misinterprets the module_get_next_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-22997"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-02-28T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel before 6.1.2, kernel/module/decompress.c misinterprets the module_get_next_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer).",
  "id": "GHSA-c954-449c-8jv4",
  "modified": "2023-03-06T18:30:22Z",
  "published": "2023-02-28T21:30:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22997"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/45af1d7aae7d5520d2858f8517a1342646f015db"
    },
    {
      "type": "WEB",
      "url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C95G-5FW2-H647

Vulnerability from github – Published: 2024-09-27 15:30 – Updated: 2025-11-04 00:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: fix the waring dereferencing hive

Check the amdgpu_hive_info *hive that maybe is NULL.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-46805"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-27T13:15:13Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix the waring dereferencing hive\n\nCheck the amdgpu_hive_info *hive that maybe is NULL.",
  "id": "GHSA-c95g-5fw2-h647",
  "modified": "2025-11-04T00:31:29Z",
  "published": "2024-09-27T15:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46805"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/01cd55b971131b07b7ff8d622fa93bb4f8be07df"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1940708ccf5aff76de4e0b399f99267c93a89193"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4ab720b6aa1ef5e71db1e534b5b45c80ac4ec58a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d3f927ef0607b3c8c3f79ab6d9a4ebead3e35f4c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f20d1d5cbb39802f68be24458861094f3e66f356"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C96Q-RF2R-2XJ8

Vulnerability from github – Published: 2026-02-18 21:31 – Updated: 2026-02-27 00:31
VLAI
Details

A NULL pointer dereference vulnerability exists in FFmpeg’s Firequalizer filter (libavfilter/af_firequalizer.c) due to a missing check on the return value of av_malloc_array() in the config_input() function. An attacker could exploit this by tricking a victim into processing a crafted media file with the Firequalizer filter enabled, causing the application to dereference a NULL pointer and crash, leading to denial of service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-10256"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-18T21:16:20Z",
    "severity": "MODERATE"
  },
  "details": "A NULL pointer dereference vulnerability exists in FFmpeg\u2019s Firequalizer filter (libavfilter/af_firequalizer.c) due to a missing check on the return value of av_malloc_array() in the config_input() function. An attacker could exploit this by tricking a victim into processing a crafted media file with the Firequalizer filter enabled, causing the application to dereference a NULL pointer and crash, leading to denial of service.",
  "id": "GHSA-c96q-rf2r-2xj8",
  "modified": "2026-02-27T00:31:44Z",
  "published": "2026-02-18T21:31:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10256"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FFmpeg/FFmpeg/commit/a25462482c02c004d685a8fcf2fa63955aaa0931"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FFmpeg/FFmpeg/commit/d3be186ed1bcdcf2c093d6b13a0e66dc5132be2a"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2025-10256"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394495"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C98J-G7VX-36GJ

Vulnerability from github – Published: 2022-02-17 00:00 – Updated: 2022-03-17 00:05
VLAI
Details

A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-0617"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-02-16T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.",
  "id": "GHSA-c98j-g7vx-36gj",
  "modified": "2022-03-17T00:05:32Z",
  "published": "2022-02-17T00:00:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0617"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7fc3b7c2981bbd1047916ade327beccb90994eee"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ea8569194b43f0f01f0a84c689388542c7254a1f"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
    },
    {
      "type": "WEB",
      "url": "https://lore.kernel.org/lkml/20220114172329.ygzry5rlz64ua2nr@quack3.lan/T"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2022/dsa-5095"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2022/dsa-5096"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2022/04/13/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C98W-GF53-9JWF

Vulnerability from github – Published: 2022-05-17 00:18 – Updated: 2022-05-17 00:18
VLAI
Details

A NULL Pointer Dereference exists in VideoLAN x265, as used in libbpg 0.9.7 and other products, because the CUData::initialize function in common/cudata.cpp mishandles memory-allocation failure.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-13135"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-11-16T04:29:00Z",
    "severity": "HIGH"
  },
  "details": "A NULL Pointer Dereference exists in VideoLAN x265, as used in libbpg 0.9.7 and other products, because the CUData::initialize function in common/cudata.cpp mishandles memory-allocation failure.",
  "id": "GHSA-c98w-gf53-9jwf",
  "modified": "2022-05-17T00:18:37Z",
  "published": "2022-05-17T00:18:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13135"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ebel34/bpg-web-encoder/issues/1"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/101929"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C9FM-9759-HR7J

Vulnerability from github – Published: 2025-11-14 21:30 – Updated: 2025-11-15 00:30
VLAI
Details

A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the info() function of bin_ne.c. A crafted binary input can trigger a segmentation fault, leading to a denial of service when the tool processes malformed data.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-63745"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-11-14T21:15:45Z",
    "severity": "MODERATE"
  },
  "details": "A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the info() function of bin_ne.c. A crafted binary input can trigger a segmentation fault, leading to a denial of service when the tool processes malformed data.",
  "id": "GHSA-c9fm-9759-hr7j",
  "modified": "2025-11-15T00:30:26Z",
  "published": "2025-11-14T21:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-63745"
    },
    {
      "type": "WEB",
      "url": "https://github.com/radareorg/radare2/issues/24660"
    },
    {
      "type": "WEB",
      "url": "https://github.com/radareorg/radare2/commit/6c5df3f8570d4f0c360681c08241ad8af3b919fd"
    },
    {
      "type": "WEB",
      "url": "https://github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-001-radare2-nullptr-deref-bin_ne.md"
    },
    {
      "type": "WEB",
      "url": "https://github.com/marlinkcyber/advisories/blob/main/advisories/radare2-nullptr-deref-bin_ne.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-56
Implementation

For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].

Mitigation
Requirements

Select a programming language that is not susceptible to these issues.

Mitigation
Implementation

Check the results of all functions that return a value and verify that the value is non-null before acting upon it.

Mitigation
Architecture and Design

Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.

Mitigation
Implementation

Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.

No CAPEC attack patterns related to this CWE.