Common Weakness Enumeration

CWE-476

Allowed

NULL Pointer Dereference

Abstraction: Base · Status: Stable

The product dereferences a pointer that it expects to be valid but is NULL.

6310 vulnerabilities reference this CWE, most recent first.

GHSA-QCQ5-35C7-7HVW

Vulnerability from github – Published: 2022-05-14 00:58 – Updated: 2022-05-14 00:58
VLAI
Details

An issue was discovered in libsndfile 1.0.28. There is a NULL pointer dereference in the function sf_write_int in sndfile.c, which will lead to a denial of service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-19432"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-11-22T05:29:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in libsndfile 1.0.28. There is a NULL pointer dereference in the function sf_write_int in sndfile.c, which will lead to a denial of service.",
  "id": "GHSA-qcq5-35c7-7hvw",
  "modified": "2022-05-14T00:58:33Z",
  "published": "2022-05-14T00:58:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19432"
    },
    {
      "type": "WEB",
      "url": "https://github.com/erikd/libsndfile/issues/427"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00016.html"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4013-1"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/105996"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QCWM-W563-M65J

Vulnerability from github – Published: 2022-05-14 01:14 – Updated: 2025-04-20 03:44
VLAI
Details

In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function paste_tokens() in preproc.c, aka a NULL pointer dereference. It will lead to remote denial of service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-14228"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-09-09T08:29:00Z",
    "severity": "MODERATE"
  },
  "details": "In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function paste_tokens() in preproc.c, aka a NULL pointer dereference. It will lead to remote denial of service.",
  "id": "GHSA-qcwm-w563-m65j",
  "modified": "2025-04-20T03:44:35Z",
  "published": "2022-05-14T01:14:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14228"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392423"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201903-19"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3694-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QF5Q-FM5C-HC2P

Vulnerability from github – Published: 2024-10-21 18:30 – Updated: 2024-10-28 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

bpftool: Fix undefined behavior in qsort(NULL, 0, ...)

When netfilter has no entry to display, qsort is called with qsort(NULL, 0, ...). This results in undefined behavior, as UBSan reports:

net.c:827:2: runtime error: null pointer passed as argument 1, which is declared to never be null

Although the C standard does not explicitly state whether calling qsort with a NULL pointer when the size is 0 constitutes undefined behavior, Section 7.1.4 of the C standard (Use of library functions) mentions:

"Each of the following statements applies unless explicitly stated otherwise in the detailed descriptions that follow: If an argument to a function has an invalid value (such as a value outside the domain of the function, or a pointer outside the address space of the program, or a null pointer, or a pointer to non-modifiable storage when the corresponding parameter is not const-qualified) or a type (after promotion) not expected by a function with variable number of arguments, the behavior is undefined."

To avoid this, add an early return when nf_link_info is NULL to prevent calling qsort with a NULL pointer.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-49987"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-21T18:15:19Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpftool: Fix undefined behavior in qsort(NULL, 0, ...)\n\nWhen netfilter has no entry to display, qsort is called with\nqsort(NULL, 0, ...). This results in undefined behavior, as UBSan\nreports:\n\nnet.c:827:2: runtime error: null pointer passed as argument 1, which is declared to never be null\n\nAlthough the C standard does not explicitly state whether calling qsort\nwith a NULL pointer when the size is 0 constitutes undefined behavior,\nSection 7.1.4 of the C standard (Use of library functions) mentions:\n\n\"Each of the following statements applies unless explicitly stated\notherwise in the detailed descriptions that follow: If an argument to a\nfunction has an invalid value (such as a value outside the domain of\nthe function, or a pointer outside the address space of the program, or\na null pointer, or a pointer to non-modifiable storage when the\ncorresponding parameter is not const-qualified) or a type (after\npromotion) not expected by a function with variable number of\narguments, the behavior is undefined.\"\n\nTo avoid this, add an early return when nf_link_info is NULL to prevent\ncalling qsort with a NULL pointer.",
  "id": "GHSA-qf5q-fm5c-hc2p",
  "modified": "2024-10-28T18:31:39Z",
  "published": "2024-10-21T18:30:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-49987"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2e0f6f33f2aa87493b365a38a8fd87b8854b7734"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c208b02827eb642758cef65641995fd3f38c89af"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c2d9f9a7837ab29ccae0c42252f17d436bf0a501"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f04e2ad394e2755d0bb2d858ecb5598718bf00d5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QF9H-WVGW-CQH6

Vulnerability from github – Published: 2025-04-01 18:30 – Updated: 2025-11-03 21:33
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params

Null pointer dereference issue could occur when pipe_ctx->plane_state is null. The fix adds a check to ensure 'pipe_ctx->plane_state' is not null before accessing. This prevents a null pointer dereference.

Found by code review.

(cherry picked from commit 63e6a77ccf239337baa9b1e7787cde9fa0462092)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-21941"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-01T16:15:24Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix null check for pipe_ctx-\u003eplane_state in resource_build_scaling_params\n\nNull pointer dereference issue could occur when pipe_ctx-\u003eplane_state\nis null. The fix adds a check to ensure \u0027pipe_ctx-\u003eplane_state\u0027 is not\nnull before accessing. This prevents a null pointer dereference.\n\nFound by code review.\n\n(cherry picked from commit 63e6a77ccf239337baa9b1e7787cde9fa0462092)",
  "id": "GHSA-qf9h-wvgw-cqh6",
  "modified": "2025-11-03T21:33:24Z",
  "published": "2025-04-01T18:30:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21941"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/265422915416468ba91bffa56addbff45e18342a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3748fad09d89e9a5290e1738fd6872a79f794743"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/374c9faac5a763a05bc3f68ad9f73dab3c6aec90"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3b3c2be58d5275aa59d8b4810a59f173f2f5bac1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c1e54752dc12e90305eb0475ca908f42f5b369ca"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e0345c3478f185ca840daac7f08a1fcd4ebec3e9"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f435192e00bc4d5d4134356b93212670ec47fa8d"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QFJ5-RCVF-98CF

Vulnerability from github – Published: 2025-05-13 18:30 – Updated: 2025-05-13 18:30
VLAI
Details

Animate versions 24.0.8, 23.0.11 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption of service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-30329"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-13T18:15:39Z",
    "severity": "MODERATE"
  },
  "details": "Animate versions 24.0.8, 23.0.11 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption of service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
  "id": "GHSA-qfj5-rcvf-98cf",
  "modified": "2025-05-13T18:30:58Z",
  "published": "2025-05-13T18:30:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30329"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/animate/apsb25-42.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QFM5-V3G4-XR9M

Vulnerability from github – Published: 2022-05-14 01:52 – Updated: 2022-05-14 01:52
VLAI
Details

An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in ClientDataSet_getValues in client/ied_connection.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-18937"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-11-05T09:29:00Z",
    "severity": "HIGH"
  },
  "details": "An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in ClientDataSet_getValues in client/ied_connection.c.",
  "id": "GHSA-qfm5-v3g4-xr9m",
  "modified": "2022-05-14T01:52:00Z",
  "published": "2022-05-14T01:52:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-18937"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mz-automation/libiec61850/issues/82"
    },
    {
      "type": "WEB",
      "url": "https://github.com/fouzhe/security/tree/master/libiec61850#segv-in-function-clientdataset_getvalues"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QFPM-Q7VW-VGQQ

Vulnerability from github – Published: 2025-03-10 21:31 – Updated: 2025-03-10 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

ALSA: jack: Access input_dev under mutex

It is possible when using ASoC that input_dev is unregistered while calling snd_jack_report, which causes NULL pointer dereference. In order to prevent this serialize access to input_dev using mutex lock.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-49538"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-26T07:01:29Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: jack: Access input_dev under mutex\n\nIt is possible when using ASoC that input_dev is unregistered while\ncalling snd_jack_report, which causes NULL pointer dereference.\nIn order to prevent this serialize access to input_dev using mutex lock.",
  "id": "GHSA-qfpm-q7vw-vgqq",
  "modified": "2025-03-10T21:31:09Z",
  "published": "2025-03-10T21:31:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49538"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1b6a6fc5280e97559287b61eade2d4b363e836f2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/582aea6084cc59fec881204f026816d1219f2348"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5cc6f623f4818c7d7e9e966a45ebf324901ca9c5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/74bab3bcf422593c582e47130aa8eb41ebb2dc09"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8487a88136d54a1a4d3f26f1399685db648ab879"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9e6a73b0c0f2014eb89249fb1640c5a3d58221c4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c093b62c40027c21d649c5534ad7aa3605a99b00"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e2b8681769f6e205382f026b907d28aa5ec9d59a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f68bed124c7699e23ffb4ce4fcc84671e9193cde"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QFV4-QXW7-G29F

Vulnerability from github – Published: 2026-01-13 18:31 – Updated: 2026-07-14 15:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

ip6_gre: make ip6gre_header() robust

Over the years, syzbot found many ways to crash the kernel in ip6gre_header() [1].

This involves team or bonding drivers ability to dynamically change their dev->needed_headroom and/or dev->hard_header_len

In this particular crash mld_newpack() allocated an skb with a too small reserve/headroom, and by the time mld_sendpack() was called, syzbot managed to attach an ip6gre device.

[1] skbuff: skb_under_panic: text:ffffffff8a1d69a8 len:136 put:40 head:ffff888059bc7000 data:ffff888059bc6fe8 tail:0x70 end:0x6c0 dev:team0 ------------[ cut here ]------------ kernel BUG at net/core/skbuff.c:213 ! skb_under_panic net/core/skbuff.c:223 [inline] skb_push+0xc3/0xe0 net/core/skbuff.c:2641 ip6gre_header+0xc8/0x790 net/ipv6/ip6_gre.c:1371 dev_hard_header include/linux/netdevice.h:3436 [inline] neigh_connected_output+0x286/0x460 net/core/neighbour.c:1618 neigh_output include/net/neighbour.h:556 [inline] ip6_finish_output2+0xfb3/0x1480 net/ipv6/ip6_output.c:136 __ip6_finish_output net/ipv6/ip6_output.c:-1 [inline] ip6_finish_output+0x234/0x7d0 net/ipv6/ip6_output.c:220 NF_HOOK_COND include/linux/netfilter.h:307 [inline] ip6_output+0x340/0x550 net/ipv6/ip6_output.c:247 NF_HOOK+0x9e/0x380 include/linux/netfilter.h:318 mld_sendpack+0x8d4/0xe60 net/ipv6/mcast.c:1855 mld_send_cr net/ipv6/mcast.c:2154 [inline] mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-71098"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-13T16:16:09Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_gre: make ip6gre_header() robust\n\nOver the years, syzbot found many ways to crash the kernel\nin ip6gre_header() [1].\n\nThis involves team or bonding drivers ability to dynamically\nchange their dev-\u003eneeded_headroom and/or dev-\u003ehard_header_len\n\nIn this particular crash mld_newpack() allocated an skb\nwith a too small reserve/headroom, and by the time mld_sendpack()\nwas called, syzbot managed to attach an ip6gre device.\n\n[1]\nskbuff: skb_under_panic: text:ffffffff8a1d69a8 len:136 put:40 head:ffff888059bc7000 data:ffff888059bc6fe8 tail:0x70 end:0x6c0 dev:team0\n------------[ cut here ]------------\n kernel BUG at net/core/skbuff.c:213 !\n \u003cTASK\u003e\n  skb_under_panic net/core/skbuff.c:223 [inline]\n  skb_push+0xc3/0xe0 net/core/skbuff.c:2641\n  ip6gre_header+0xc8/0x790 net/ipv6/ip6_gre.c:1371\n  dev_hard_header include/linux/netdevice.h:3436 [inline]\n  neigh_connected_output+0x286/0x460 net/core/neighbour.c:1618\n  neigh_output include/net/neighbour.h:556 [inline]\n  ip6_finish_output2+0xfb3/0x1480 net/ipv6/ip6_output.c:136\n __ip6_finish_output net/ipv6/ip6_output.c:-1 [inline]\n  ip6_finish_output+0x234/0x7d0 net/ipv6/ip6_output.c:220\n  NF_HOOK_COND include/linux/netfilter.h:307 [inline]\n  ip6_output+0x340/0x550 net/ipv6/ip6_output.c:247\n  NF_HOOK+0x9e/0x380 include/linux/netfilter.h:318\n  mld_sendpack+0x8d4/0xe60 net/ipv6/mcast.c:1855\n  mld_send_cr net/ipv6/mcast.c:2154 [inline]\n  mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693",
  "id": "GHSA-qfv4-qxw7-g29f",
  "modified": "2026-07-14T15:31:31Z",
  "published": "2026-01-13T18:31:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-71098"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-019113.html"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1717357007db150c2d703f13f5695460e960f26c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/17e7386234f740f3e7d5e58a47b5847ea34c3bc2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/41a1a3140aff295dee8063906f70a514548105e8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5fe210533e3459197eabfdbf97327dacbdc04d60"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/91a2b25be07ce1a7549ceebbe82017551d2eec92"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/adee129db814474f2f81207bd182bf343832a52e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/db5b4e39c4e63700c68a7e65fc4e1f1375273476"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QFXC-FJVG-2QGM

Vulnerability from github – Published: 2024-09-13 09:30 – Updated: 2024-09-19 15:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/xe: reset mmio mappings with devm

Set our various mmio mappings to NULL. This should make it easier to catch something rogue trying to mess with mmio after device removal. For example, we might unmap everything and then start hitting some mmio address which has already been unmamped by us and then remapped by something else, causing all kinds of carnage.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-46705"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-13T07:15:05Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: reset mmio mappings with devm\n\nSet our various mmio mappings to NULL. This should make it easier to\ncatch something rogue trying to mess with mmio after device removal. For\nexample, we might unmap everything and then start hitting some mmio\naddress which has already been unmamped by us and then remapped by\nsomething else, causing all kinds of carnage.",
  "id": "GHSA-qfxc-fjvg-2qgm",
  "modified": "2024-09-19T15:30:49Z",
  "published": "2024-09-13T09:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46705"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b1c9fbed3884d3883021d699c7cdf5253a65543a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c7117419784f612d59ee565145f722e8b5541fe6"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QG37-G6PV-G327

Vulnerability from github – Published: 2022-05-05 00:29 – Updated: 2023-12-13 15:30
VLAI
Details

slim has NULL pointer dereference when using crypt() method from glibc 2.17

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2013-4412"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-11-04T13:15:00Z",
    "severity": "MODERATE"
  },
  "details": "slim has NULL pointer dereference when using crypt() method from glibc 2.17",
  "id": "GHSA-qg37-g6pv-g327",
  "modified": "2023-12-13T15:30:54Z",
  "published": "2022-05-05T00:29:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4412"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/cve-2013-4412"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4412"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89675"
    },
    {
      "type": "WEB",
      "url": "https://security-tracker.debian.org/tracker/CVE-2013-4412"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2013/10/09/6"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/62906"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-56
Implementation

For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].

Mitigation
Requirements

Select a programming language that is not susceptible to these issues.

Mitigation
Implementation

Check the results of all functions that return a value and verify that the value is non-null before acting upon it.

Mitigation
Architecture and Design

Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.

Mitigation
Implementation

Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.

No CAPEC attack patterns related to this CWE.