Common Weakness Enumeration

CWE-476

Allowed

NULL Pointer Dereference

Abstraction: Base · Status: Stable

The product dereferences a pointer that it expects to be valid but is NULL.

6310 vulnerabilities reference this CWE, most recent first.

GHSA-H9Q9-5V3G-X37M

Vulnerability from github – Published: 2022-05-17 01:18 – Updated: 2025-04-20 03:43
VLAI
Details

OLEStream::WriteVT_LPSTR in olestrm.cpp in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-12923"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-08-28T19:29:00Z",
    "severity": "MODERATE"
  },
  "details": "OLEStream::WriteVT_LPSTR in olestrm.cpp in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image.",
  "id": "GHSA-h9q9-5v3g-x37m",
  "modified": "2025-04-20T03:43:57Z",
  "published": "2022-05-17T01:18:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12923"
    },
    {
      "type": "WEB",
      "url": "https://blogs.gentoo.org/ago/2017/08/09/libfpx-null-pointer-dereference-in-olestreamwritevt_lpstr-olestrm-cpp"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2017/08/17/9"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-H9RM-R2MM-GRP7

Vulnerability from github – Published: 2022-05-14 03:05 – Updated: 2025-04-20 03:48
VLAI
Details

The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-16536"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-11-04T01:29:00Z",
    "severity": "HIGH"
  },
  "details": "The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.",
  "id": "GHSA-h9rm-r2mm-grp7",
  "modified": "2025-04-20T03:48:03Z",
  "published": "2022-05-14T03:05:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16536"
    },
    {
      "type": "WEB",
      "url": "https://groups.google.com/d/msg/syzkaller/WlUAVfDvpRk/1V1xuEA4AgAJ"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html"
    },
    {
      "type": "WEB",
      "url": "https://patchwork.kernel.org/patch/9963527"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3619-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3619-2"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3754-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-H9RQ-X9R5-2G43

Vulnerability from github – Published: 2025-07-25 18:30 – Updated: 2025-11-19 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

ALSA: ad1816a: Fix potential NULL pointer deref in snd_card_ad1816a_pnp()

Use pr_warn() instead of dev_warn() when 'pdev' is NULL to avoid a potential NULL pointer dereference.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-38454"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-25T16:15:31Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: ad1816a: Fix potential NULL pointer deref in snd_card_ad1816a_pnp()\n\nUse pr_warn() instead of dev_warn() when \u0027pdev\u0027 is NULL to avoid a\npotential NULL pointer dereference.",
  "id": "GHSA-h9rq-x9r5-2g43",
  "modified": "2025-11-19T18:31:16Z",
  "published": "2025-07-25T18:30:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38454"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/043faef334a1f3d96ae88e1b7618bfa2b4946388"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e14bffc90866596ba19ffe549f199d7870da4241"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ef84c94d11ff972ecc3507f1ed092046bf6204b2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HC22-Q8G2-56VR

Vulnerability from github – Published: 2022-05-24 16:56 – Updated: 2024-04-04 01:55
VLAI
Details

An exploitable denial-of-service vulnerability exists in the Host Access Point Daemon (hostapd) on the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) wireless router. A SOAP request sent in an invalid sequence to the service can cause a null pointer dereference, resulting in the hostapd service crashing. An unauthenticated attacker can send a specially-crafted SOAP request to trigger this vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-5055"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-09-11T22:15:00Z",
    "severity": "HIGH"
  },
  "details": "An exploitable denial-of-service vulnerability exists in the Host Access Point Daemon (hostapd) on the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) wireless router. A SOAP request sent in an invalid sequence to the \u003cWFAWLANConfig:1#PutMessage\u003e service can cause a null pointer dereference, resulting in the hostapd service crashing. An unauthenticated attacker can send a specially-crafted SOAP request to trigger this vulnerability.",
  "id": "GHSA-hc22-q8g2-56vr",
  "modified": "2024-04-04T01:55:52Z",
  "published": "2022-05-24T16:56:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5055"
    },
    {
      "type": "WEB",
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0832"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HC3H-G2HW-G96P

Vulnerability from github – Published: 2024-12-27 15:31 – Updated: 2025-11-03 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

ftrace: Fix regression with module command in stack_trace_filter

When executing the following command:

# echo "write*:mod:ext3" > /sys/kernel/tracing/stack_trace_filter

The current mod command causes a null pointer dereference. While commit 0f17976568b3f ("ftrace: Fix regression with module command in stack_trace_filter") has addressed part of the issue, it left a corner case unhandled, which still results in a kernel crash.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-56569"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-27T15:15:15Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Fix regression with module command in stack_trace_filter\n\nWhen executing the following command:\n\n    # echo \"write*:mod:ext3\" \u003e /sys/kernel/tracing/stack_trace_filter\n\nThe current mod command causes a null pointer dereference. While commit\n0f17976568b3f (\"ftrace: Fix regression with module command in stack_trace_filter\")\nhas addressed part of the issue, it left a corner case unhandled, which still\nresults in a kernel crash.",
  "id": "GHSA-hc3h-g2hw-g96p",
  "modified": "2025-11-03T21:31:51Z",
  "published": "2024-12-27T15:31:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56569"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/19cacabdd5a8487ae566cbecb4d03bcb038a067e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/43ca32ce12888fb0eeb2d74dfc558dea60d3473e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/45af52e7d3b8560f21d139b3759735eead8b1653"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5dabb7af57bc72308a6e2e81a5dd756eef283803"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7ae27880de3482e063fcc1f72d9a298d0d391407"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/885109aa0c70639527dd6a65c82e63c9ac055e3d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8a92dc4df89c50bdb26667419ea70e0abbce456e"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HC6C-75P4-HMQ4

Vulnerability from github – Published: 2021-05-21 14:20 – Updated: 2024-10-30 22:07
VLAI
Summary
Reference binding to null pointer in `MatrixDiag*` ops
Details

Impact

The implementation of MatrixDiag* operations does not validate that the tensor arguments are non-empty:

      num_rows = context->input(2).flat<int32>()(0);
      num_cols = context->input(3).flat<int32>()(0);
      padding_value = context->input(4).flat<T>()(0); 

Thus, users can trigger null pointer dereferences if any of the above tensors are null:

import tensorflow as tf

d = tf.convert_to_tensor([],dtype=tf.float32)
p = tf.convert_to_tensor([],dtype=tf.float32)
tf.raw_ops.MatrixDiagV2(diagonal=d, k=0, num_rows=0, num_cols=0, padding_value=p)

Changing from tf.raw_ops.MatrixDiagV2 to tf.raw_ops.MatrixDiagV3 still reproduces the issue.

Patches

We have patched the issue in GitHub commit a7116dd3913c4a4afd2a3a938573aa7c785fdfc6.

The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

For more information

Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.

Attribution

This vulnerability has been reported by Ye Zhang and Yakun Zhang of Baidu X-Team.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.1.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.2.0"
            },
            {
              "fixed": "2.2.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.3.0"
            },
            {
              "fixed": "2.3.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.4.0"
            },
            {
              "fixed": "2.4.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.1.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.2.0"
            },
            {
              "fixed": "2.2.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.3.0"
            },
            {
              "fixed": "2.3.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.4.0"
            },
            {
              "fixed": "2.4.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.1.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.2.0"
            },
            {
              "fixed": "2.2.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.3.0"
            },
            {
              "fixed": "2.3.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.4.0"
            },
            {
              "fixed": "2.4.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-29515"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-05-18T23:39:11Z",
    "nvd_published_at": "2021-05-14T20:15:00Z",
    "severity": "LOW"
  },
  "details": "### Impact\nThe implementation of [`MatrixDiag*` operations](https://github.com/tensorflow/tensorflow/blob/4c4f420e68f1cfaf8f4b6e8e3eb857e9e4c3ff33/tensorflow/core/kernels/linalg/matrix_diag_op.cc#L195-L197) does not validate that the tensor arguments are non-empty:\n\n```cc\n      num_rows = context-\u003einput(2).flat\u003cint32\u003e()(0);\n      num_cols = context-\u003einput(3).flat\u003cint32\u003e()(0);\n      padding_value = context-\u003einput(4).flat\u003cT\u003e()(0); \n``` \n\nThus, users can trigger null pointer dereferences if any of the above tensors are null:\n\n```python\nimport tensorflow as tf\n\nd = tf.convert_to_tensor([],dtype=tf.float32)\np = tf.convert_to_tensor([],dtype=tf.float32)\ntf.raw_ops.MatrixDiagV2(diagonal=d, k=0, num_rows=0, num_cols=0, padding_value=p)\n```\n\nChanging from `tf.raw_ops.MatrixDiagV2` to `tf.raw_ops.MatrixDiagV3` still reproduces the issue.\n\n### Patches\nWe have patched the issue in GitHub commit [a7116dd3913c4a4afd2a3a938573aa7c785fdfc6](https://github.com/tensorflow/tensorflow/commit/a7116dd3913c4a4afd2a3a938573aa7c785fdfc6).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Ye Zhang and Yakun Zhang of Baidu X-Team.",
  "id": "GHSA-hc6c-75p4-hmq4",
  "modified": "2024-10-30T22:07:10Z",
  "published": "2021-05-21T14:20:54Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hc6c-75p4-hmq4"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29515"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/commit/a7116dd3913c4a4afd2a3a938573aa7c785fdfc6"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-443.yaml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-641.yaml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-152.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/tensorflow/tensorflow"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Reference binding to null pointer in `MatrixDiag*` ops"
}

GHSA-HC76-569J-JF8Q

Vulnerability from github – Published: 2022-05-14 03:15 – Updated: 2025-04-20 03:34
VLAI
Details

The jp2_colr_destroy function in jp2_cod.c in JasPer before 1.900.13 allows remote attackers to cause a denial of service (NULL pointer dereference) by leveraging incorrect cleanup of JP2 box data on error. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8887.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2016-10250"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-03-15T14:59:00Z",
    "severity": "HIGH"
  },
  "details": "The jp2_colr_destroy function in jp2_cod.c in JasPer before 1.900.13 allows remote attackers to cause a denial of service (NULL pointer dereference) by leveraging incorrect cleanup of JP2 box data on error. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8887.",
  "id": "GHSA-hc76-569j-jf8q",
  "modified": "2025-04-20T03:34:07Z",
  "published": "2022-05-14T03:15:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10250"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mdadams/jasper/commit/bdfe95a6e81ffb4b2fad31a76b57943695beed20"
    },
    {
      "type": "WEB",
      "url": "https://blogs.gentoo.org/ago/2016/10/23/jasper-null-pointer-dereference-in-jp2_colr_destroy-jp2_cod-c-incomplete-fix-for-cve-2016-8887"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3693-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HC8H-974X-98HR

Vulnerability from github – Published: 2023-01-20 21:30 – Updated: 2024-06-06 21:30
VLAI
Details

MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-47015"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-01-20T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer.",
  "id": "GHSA-hc8h-974x-98hr",
  "modified": "2024-06-06T21:30:35Z",
  "published": "2023-01-20T21:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-47015"
    },
    {
      "type": "WEB",
      "url": "https://github.com/MariaDB/server/commit/be0a46b3d52b58956fd0d47d040b9f4514406954"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00005.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O22PO3Q6TRSNJI2A2WTJH3VVCHEKBF6C"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SUQ33SPQCZQD63TWAM3XKFNVNFRGPFYU"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O22PO3Q6TRSNJI2A2WTJH3VVCHEKBF6C"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUQ33SPQCZQD63TWAM3XKFNVNFRGPFYU"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20230309-0009"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HCFH-8R6H-694X

Vulnerability from github – Published: 2025-07-03 09:30 – Updated: 2025-12-18 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

backlight: pm8941: Add NULL check in wled_configure()

devm_kasprintf() returns NULL when memory allocation fails. Currently, wled_configure() does not check for this case, which results in a NULL pointer dereference.

Add NULL check after devm_kasprintf() to prevent this issue.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-38143"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-03T09:15:29Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nbacklight: pm8941: Add NULL check in wled_configure()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nwled_configure() does not check for this case, which results in a NULL\npointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
  "id": "GHSA-hcfh-8r6h-694x",
  "modified": "2025-12-18T21:31:32Z",
  "published": "2025-07-03T09:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38143"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1be2000b703b02e149f8f2061054489f6c18c972"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/21528806560510458378ea52c37e35b0773afaea"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4a715be3fe80b68fa55cb3569af3d294be101626"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6a56446595730a5e3f06a30902e23cb037d28146"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9d06ac32c202142da40904180f2669ed4f5073ac"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e12d3e1624a02706cdd3628bbf5668827214fa33"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fde314445332015273c8f51d2659885c606fe135"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HCGV-RJPX-8QJC

Vulnerability from github – Published: 2023-03-25 12:30 – Updated: 2023-03-31 03:30
VLAI
Details

A vulnerability classified as problematic has been found in Jianming Antivirus 16.2.2022.418. Affected is an unknown function in the library kvcore.sys of the component IoControlCode Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. VDB-224010 is the identifier assigned to this vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-1628"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-03-25T12:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability classified as problematic has been found in Jianming Antivirus 16.2.2022.418. Affected is an unknown function in the library kvcore.sys of the component IoControlCode Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. VDB-224010 is the identifier assigned to this vulnerability.",
  "id": "GHSA-hcgv-rjpx-8qjc",
  "modified": "2023-03-31T03:30:31Z",
  "published": "2023-03-25T12:30:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1628"
    },
    {
      "type": "WEB",
      "url": "https://drive.google.com/file/d/1Div9mElTdsluLrU2etziLYqmXcqQFj1j/view"
    },
    {
      "type": "WEB",
      "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/unassigned30"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.224010"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.224010"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-56
Implementation

For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].

Mitigation
Requirements

Select a programming language that is not susceptible to these issues.

Mitigation
Implementation

Check the results of all functions that return a value and verify that the value is non-null before acting upon it.

Mitigation
Architecture and Design

Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.

Mitigation
Implementation

Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.

No CAPEC attack patterns related to this CWE.