CWE-476
AllowedNULL Pointer Dereference
Abstraction: Base · Status: Stable
The product dereferences a pointer that it expects to be valid but is NULL.
6305 vulnerabilities reference this CWE, most recent first.
GHSA-PJW3-8X26-XPWM
Vulnerability from github – Published: 2024-03-27 06:30 – Updated: 2025-11-04 21:31TeX Live 944e257 allows a NULL pointer dereference in texk/web2c/pdftexdir/tounicode.c. NOTE: this is disputed because it should be categorized as a usability problem.
{
"affected": [],
"aliases": [
"CVE-2023-46051"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-27T06:15:10Z",
"severity": "LOW"
},
"details": "TeX Live 944e257 allows a NULL pointer dereference in texk/web2c/pdftexdir/tounicode.c. NOTE: this is disputed because it should be categorized as a usability problem.",
"id": "GHSA-pjw3-8x26-xpwm",
"modified": "2025-11-04T21:31:23Z",
"published": "2024-03-27T06:30:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46051"
},
{
"type": "WEB",
"url": "https://tug.org/pipermail/tex-live/2023-August/049406.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/176822/tex-live-944e257-Null-Pointer.html"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2024/Jan/68"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-PJWQ-6682-PV8R
Vulnerability from github – Published: 2022-05-13 01:42 – Updated: 2022-05-13 01:42In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, as a result of a race condition between two userspace processes that interact with the driver concurrently, a null pointer dereference can potentially occur.
{
"affected": [],
"aliases": [
"CVE-2017-11063"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-10-10T20:29:00Z",
"severity": "MODERATE"
},
"details": "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, as a result of a race condition between two userspace processes that interact with the driver concurrently, a null pointer dereference can potentially occur.",
"id": "GHSA-pjwq-6682-pv8r",
"modified": "2022-05-13T01:42:07Z",
"published": "2022-05-13T01:42:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11063"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/pixel/2017-10-01"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/101160"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PJWQ-HG2P-9VW7
Vulnerability from github – Published: 2024-04-03 18:30 – Updated: 2025-01-07 21:30In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Fix potential null pointer dereference in dc_dmub_srv
Fixes potential null pointer dereference warnings in the dc_dmub_srv_cmd_list_queue_execute() and dc_dmub_srv_is_hw_pwr_up() functions.
In both functions, the 'dc_dmub_srv' variable was being dereferenced before it was checked for null. This could lead to a null pointer dereference if 'dc_dmub_srv' is null. The fix is to check if 'dc_dmub_srv' is null before dereferencing it.
Thus moving the null checks for 'dc_dmub_srv' to the beginning of the functions to ensure that 'dc_dmub_srv' is not null when it is dereferenced.
Found by smatch & thus fixing the below: drivers/gpu/drm/amd/amdgpu/../display/dc/dc_dmub_srv.c:133 dc_dmub_srv_cmd_list_queue_execute() warn: variable dereferenced before check 'dc_dmub_srv' (see line 128) drivers/gpu/drm/amd/amdgpu/../display/dc/dc_dmub_srv.c:1167 dc_dmub_srv_is_hw_pwr_up() warn: variable dereferenced before check 'dc_dmub_srv' (see line 1164)
{
"affected": [],
"aliases": [
"CVE-2024-26729"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-03T17:15:50Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix potential null pointer dereference in dc_dmub_srv\n\nFixes potential null pointer dereference warnings in the\ndc_dmub_srv_cmd_list_queue_execute() and dc_dmub_srv_is_hw_pwr_up()\nfunctions.\n\nIn both functions, the \u0027dc_dmub_srv\u0027 variable was being dereferenced\nbefore it was checked for null. This could lead to a null pointer\ndereference if \u0027dc_dmub_srv\u0027 is null. The fix is to check if\n\u0027dc_dmub_srv\u0027 is null before dereferencing it.\n\nThus moving the null checks for \u0027dc_dmub_srv\u0027 to the beginning of the\nfunctions to ensure that \u0027dc_dmub_srv\u0027 is not null when it is\ndereferenced.\n\nFound by smatch \u0026 thus fixing the below:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dc_dmub_srv.c:133 dc_dmub_srv_cmd_list_queue_execute() warn: variable dereferenced before check \u0027dc_dmub_srv\u0027 (see line 128)\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dc_dmub_srv.c:1167 dc_dmub_srv_is_hw_pwr_up() warn: variable dereferenced before check \u0027dc_dmub_srv\u0027 (see line 1164)",
"id": "GHSA-pjwq-hg2p-9vw7",
"modified": "2025-01-07T21:30:54Z",
"published": "2024-04-03T18:30:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26729"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/351080ba3414c96afff0f1338b4aeb2983195b80"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d2b48f340d9e4a8fbeb1cdc84cd8da6ad143a907"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PJX8-96CX-2PJW
Vulnerability from github – Published: 2024-10-21 21:30 – Updated: 2025-11-04 00:31In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Check null pointer before dereferencing se
[WHAT & HOW] se is null checked previously in the same function, indicating it might be null; therefore, it must be checked when used again.
This fixes 1 FORWARD_NULL issue reported by Coverity.
{
"affected": [],
"aliases": [
"CVE-2024-50049"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-21T20:15:17Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check null pointer before dereferencing se\n\n[WHAT \u0026 HOW]\nse is null checked previously in the same function, indicating\nit might be null; therefore, it must be checked when used again.\n\nThis fixes 1 FORWARD_NULL issue reported by Coverity.",
"id": "GHSA-pjx8-96cx-2pjw",
"modified": "2025-11-04T00:31:46Z",
"published": "2024-10-21T21:30:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50049"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/65b2d49e55fe13ae56da3a7685bdccadca31134a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/97a79933fb08a002ba9400d1a7a5df707ecdb896"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a9b4fd1946678fa0e069e442f3c5a7d3fa446fac"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c643ef59390e49f1dfab35e8ea65f5db5e527d64"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f4149eec960110ffd5bcb161075dd9f1d7773075"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ff599ef6970ee000fa5bc38d02fa5ff5f3fc7575"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PJXR-6C7R-HPJF
Vulnerability from github – Published: 2022-05-14 01:42 – Updated: 2022-05-14 01:42A NULL pointer dereference in dhd_prot_txdata_write_flush in drivers/net/wireless/bcmdhd4358/dhd_msgbuf.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device to reboot. The Samsung ID is SVE-2018-11783.
{
"affected": [],
"aliases": [
"CVE-2018-14853"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-12-17T19:29:00Z",
"severity": "MODERATE"
},
"details": "A NULL pointer dereference in dhd_prot_txdata_write_flush in drivers/net/wireless/bcmdhd4358/dhd_msgbuf.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device to reboot. The Samsung ID is SVE-2018-11783.",
"id": "GHSA-pjxr-6c7r-hpjf",
"modified": "2022-05-14T01:42:27Z",
"published": "2022-05-14T01:42:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14853"
},
{
"type": "WEB",
"url": "https://github.com/securesystemslab/periscope/blob/master/bugs-found/CVE-2018-14853.md"
},
{
"type": "WEB",
"url": "https://people.cs.kuleuven.be/~stijn.volckaert/papers/2019_NDSS_PeriScope.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-PM5P-FF9Q-6V54
Vulnerability from github – Published: 2023-09-01 21:30 – Updated: 2024-04-04 07:22Catdoc v0.95 was discovered to contain a NULL pointer dereference via the component xls2csv at src/fileutil.c.
{
"affected": [],
"aliases": [
"CVE-2023-41633"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-01T19:15:43Z",
"severity": "MODERATE"
},
"details": "Catdoc v0.95 was discovered to contain a NULL pointer dereference via the component xls2csv at src/fileutil.c.",
"id": "GHSA-pm5p-ff9q-6v54",
"modified": "2024-04-04T07:22:14Z",
"published": "2023-09-01T21:30:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-41633"
},
{
"type": "WEB",
"url": "https://gist.github.com/rycbar77/3da455382f88cfb6d6798572f34378bd"
},
{
"type": "WEB",
"url": "https://rycbar77.github.io/2023/08/29/catdoc-0-95-nullptr-dereference"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PM82-478G-GQ88
Vulnerability from github – Published: 2023-12-14 06:30 – Updated: 2025-11-04 21:30An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. A NULL pointer dereference leads to denial of service. The fixed versions are 22.05.11, 23.02.7, and 23.11.1.
{
"affected": [],
"aliases": [
"CVE-2023-49936"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-12-14T05:15:10Z",
"severity": "HIGH"
},
"details": "An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. A NULL pointer dereference leads to denial of service. The fixed versions are 22.05.11, 23.02.7, and 23.11.1.",
"id": "GHSA-pm82-478g-gq88",
"modified": "2025-11-04T21:30:52Z",
"published": "2023-12-14T06:30:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49936"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63FEDDYEE2WK7FHWBHKON3OZVQI56WSQ"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AYQS3LFGC4HE4WCW4L3NAA2I6FRIWMNO"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63FEDDYEE2WK7FHWBHKON3OZVQI56WSQ"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYQS3LFGC4HE4WCW4L3NAA2I6FRIWMNO"
},
{
"type": "WEB",
"url": "https://lists.schedmd.com/pipermail/slurm-announce/2023/000103.html"
},
{
"type": "WEB",
"url": "https://www.schedmd.com/security-archive.php"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PM88-9XJW-GHXF
Vulnerability from github – Published: 2026-06-15 21:30 – Updated: 2026-06-15 21:30A segmentation violation in the Track_SetStreamDescriptor function (isomedia/track.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
{
"affected": [],
"aliases": [
"CVE-2025-55663"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-15T20:16:24Z",
"severity": "MODERATE"
},
"details": "A segmentation violation in the Track_SetStreamDescriptor function (isomedia/track.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.",
"id": "GHSA-pm88-9xjw-ghxf",
"modified": "2026-06-15T21:30:37Z",
"published": "2026-06-15T21:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55663"
},
{
"type": "WEB",
"url": "https://infosec.exchange/@sigdevel/116733899601128471"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2026/06/13/14"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PMFG-QV3M-CHQH
Vulnerability from github – Published: 2022-05-24 19:10 – Updated: 2022-05-24 19:10The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service (NULL pointer dereference in the radiotap parser) by injecting a frame with 802.11a rates.
{
"affected": [],
"aliases": [
"CVE-2021-38206"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-08T20:15:00Z",
"severity": "MODERATE"
},
"details": "The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service (NULL pointer dereference in the radiotap parser) by injecting a frame with 802.11a rates.",
"id": "GHSA-pmfg-qv3m-chqh",
"modified": "2022-05-24T19:10:23Z",
"published": "2022-05-24T19:10:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38206"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/bddc0c411a45d3718ac535a070f349be8eca8d48"
},
{
"type": "WEB",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.13"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-PMMH-7PM7-HC62
Vulnerability from github – Published: 2024-05-21 15:31 – Updated: 2024-12-30 21:30In the Linux kernel, the following vulnerability has been resolved:
regulator: rt4801: Fix NULL pointer dereference if priv->enable_gpios is NULL
devm_gpiod_get_array_optional may return NULL if no GPIO was assigned.
{
"affected": [],
"aliases": [
"CVE-2021-47233"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-21T15:15:12Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: rt4801: Fix NULL pointer dereference if priv-\u003eenable_gpios is NULL\n\ndevm_gpiod_get_array_optional may return NULL if no GPIO was assigned.",
"id": "GHSA-pmmh-7pm7-hc62",
"modified": "2024-12-30T21:30:45Z",
"published": "2024-05-21T15:31:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47233"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ba8a26a7ce8617f9f3d6230de34b2302df086b41"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cb2381cbecb81a8893b2d1e1af29bc2e5531df27"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/dc68f0c9e4a001e02376fe87f4bdcacadb27e8a1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-56
For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].
Mitigation
Select a programming language that is not susceptible to these issues.
Mitigation
Check the results of all functions that return a value and verify that the value is non-null before acting upon it.
Mitigation
Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Mitigation
Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.
No CAPEC attack patterns related to this CWE.