Common Weakness Enumeration

CWE-476

Allowed

NULL Pointer Dereference

Abstraction: Base · Status: Stable

The product dereferences a pointer that it expects to be valid but is NULL.

6305 vulnerabilities reference this CWE, most recent first.

GHSA-XPJC-Q6JH-H98H

Vulnerability from github – Published: 2022-01-11 00:01 – Updated: 2023-05-27 06:30
VLAI
Details

A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the Media_IsSelfContained function, which could cause a Denial of Service. .

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-46051"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-10T14:11:00Z",
    "severity": "MODERATE"
  },
  "details": "A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the Media_IsSelfContained function, which could cause a Denial of Service. .",
  "id": "GHSA-xpjc-q6jh-h98h",
  "modified": "2023-05-27T06:30:37Z",
  "published": "2022-01-11T00:01:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46051"
    },
    {
      "type": "WEB",
      "url": "https://github.com/gpac/gpac/issues/2011"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2023/dsa-5411"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XPJQ-43C4-M796

Vulnerability from github – Published: 2025-07-25 18:30 – Updated: 2025-11-19 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

net: ethernet: rtsn: Fix a null pointer dereference in rtsn_probe()

Add check for the return value of rcar_gen4_ptp_alloc() to prevent potential null pointer dereference.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-38452"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-25T16:15:30Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: rtsn: Fix a null pointer dereference in rtsn_probe()\n\nAdd check for the return value of rcar_gen4_ptp_alloc()\nto prevent potential null pointer dereference.",
  "id": "GHSA-xpjq-43c4-m796",
  "modified": "2025-11-19T18:31:16Z",
  "published": "2025-07-25T18:30:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38452"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/95a234f6affbf51f06338383537ab80d637bb785"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9f260e16b297f8134c5f90bb5a20e805ff57e853"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d52eb4f0e0ca9a5213b8795abbeb11a325d9b22d"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XPMH-V8J6-G4HX

Vulnerability from github – Published: 2022-05-13 01:24 – Updated: 2022-05-13 01:24
VLAI
Details

The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might allow remote attackers to cause a denial of service (NULL pointer dereference) via a malformed VLAN frame.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2011-1478"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-10-23T10:55:00Z",
    "severity": "MODERATE"
  },
  "details": "The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might allow remote attackers to cause a denial of service (NULL pointer dereference) via a malformed VLAN frame.",
  "id": "GHSA-xpmh-v8j6-g4hx",
  "modified": "2022-05-13T01:24:44Z",
  "published": "2022-05-13T01:24:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1478"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=691270"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=66c46d741e2e60f0e8b625b80edb0ab820c46d7a"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6d152e23ad1a7a5b40fef1f42e017d66e6115159"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=66c46d741e2e60f0e8b625b80edb0ab820c46d7a"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6d152e23ad1a7a5b40fef1f42e017d66e6115159"
    },
    {
      "type": "WEB",
      "url": "http://mirror.anl.gov/pub/linux/kernel/v2.6/ChangeLog-2.6.38"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2011/03/28/1"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/46397"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/8480"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-XPMJ-9X2F-C5HW

Vulnerability from github – Published: 2022-05-24 16:55 – Updated: 2024-04-04 01:53
VLAI
Details

An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a cd data structure if alloc_disk fails in drivers/block/paride/pf.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-15923"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-09-04T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a cd data structure if alloc_disk fails in drivers/block/paride/pf.c.",
  "id": "GHSA-xpmj-9x2f-c5hw",
  "modified": "2024-04-04T01:53:05Z",
  "published": "2022-05-24T16:55:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15923"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/f0d1762554014ce0ae347b9f0d088f2c157c8c72"
    },
    {
      "type": "WEB",
      "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.9"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20191004-0001"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XPMJ-Q2QC-98JR

Vulnerability from github – Published: 2022-05-13 01:09 – Updated: 2025-04-20 03:40
VLAI
Details

A Null Pointer Dereference issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The null pointer dereference vulnerability could allow an attacker to crash the logger process, causing a denial of service for logging and log-viewing (applications that use the Wonderware ArchestrA Logger continue to run when the Wonderware ArchestrA Logger service is unavailable).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-9631"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-07-07T17:29:00Z",
    "severity": "HIGH"
  },
  "details": "A Null Pointer Dereference issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The null pointer dereference vulnerability could allow an attacker to crash the logger process, causing a denial of service for logging and log-viewing (applications that use the Wonderware ArchestrA Logger continue to run when the Wonderware ArchestrA Logger service is unavailable).",
  "id": "GHSA-xpmj-q2qc-98jr",
  "modified": "2025-04-20T03:40:27Z",
  "published": "2022-05-13T01:09:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9631"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-04"
    },
    {
      "type": "WEB",
      "url": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000116"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/99488"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1038836"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XPMP-PQ5G-MGH6

Vulnerability from github – Published: 2025-06-18 12:30 – Updated: 2025-11-17 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

tracing/eprobes: Have event probes be consistent with kprobes and uprobes

Currently, if a symbol "@" is attempted to be used with an event probe (eprobes), it will cause a NULL pointer dereference crash.

Both kprobes and uprobes can reference data other than the main registers. Such as immediate address, symbols and the current task name. Have eprobes do the same thing.

For "comm", if "comm" is used and the event being attached to does not have the "comm" field, then make it the "$comm" that kprobes has. This is consistent to the way histograms and filters work.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-50075"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-18T11:15:36Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/eprobes: Have event probes be consistent with kprobes and uprobes\n\nCurrently, if a symbol \"@\" is attempted to be used with an event probe\n(eprobes), it will cause a NULL pointer dereference crash.\n\nBoth kprobes and uprobes can reference data other than the main registers.\nSuch as immediate address, symbols and the current task name. Have eprobes\ndo the same thing.\n\nFor \"comm\", if \"comm\" is used and the event being attached to does not\nhave the \"comm\" field, then make it the \"$comm\" that kprobes has. This is\nconsistent to the way histograms and filters work.",
  "id": "GHSA-xpmp-pq5g-mgh6",
  "modified": "2025-11-17T21:31:17Z",
  "published": "2025-06-18T12:30:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50075"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/47cc883f21fa3bcf24891b4b455f4cd461ce2d6e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6a832ec3d680b3a4f4fad5752672827d71bae501"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b489aca082a23033a3d8355cfb0032f0e2523440"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XPMR-2G2M-G7VW

Vulnerability from github – Published: 2024-06-25 15:31 – Updated: 2024-08-19 21:35
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

media: v4l: async: Fix notifier list entry init

struct v4l2_async_notifier has several list_head members, but only waiting_list and done_list are initialized. notifier_entry was kept 'zeroed' leading to an uninitialized list_head. This results in a NULL-pointer dereference if csi2_async_register() fails, e.g. node for remote endpoint is disabled, and returns -ENOTCONN. The following calls to v4l2_async_nf_unregister() results in a NULL pointer dereference. Add the missing list head initializer.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-39464"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-25T15:15:14Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: v4l: async: Fix notifier list entry init\n\nstruct v4l2_async_notifier has several list_head members, but only\nwaiting_list and done_list are initialized. notifier_entry was kept\n\u0027zeroed\u0027 leading to an uninitialized list_head.\nThis results in a NULL-pointer dereference if csi2_async_register() fails,\ne.g. node for remote endpoint is disabled, and returns -ENOTCONN.\nThe following calls to v4l2_async_nf_unregister() results in a NULL\npointer dereference.\nAdd the missing list head initializer.",
  "id": "GHSA-xpmr-2g2m-g7vw",
  "modified": "2024-08-19T21:35:07Z",
  "published": "2024-06-25T15:31:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39464"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/44f6d619c30f0c65fcdd2b6eba70fdb4460d87ad"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6d8acd02c4c6a8f917eefac1de2e035521ca119d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a80d1da923f671c1e6a14e8417cd2f117b27a442"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XPP2-RW22-GF34

Vulnerability from github – Published: 2022-12-14 21:30 – Updated: 2022-12-17 00:30
VLAI
Details

An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-3104"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-12-14T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference.",
  "id": "GHSA-xpp2-rw22-gf34",
  "modified": "2022-12-17T00:30:21Z",
  "published": "2022-12-14T21:30:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3104"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153062"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2\u0026id=4a9800c81d2f34afb66b4b42e0330ae8298019a2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XPQH-2W77-CVCV

Vulnerability from github – Published: 2025-04-16 15:34 – Updated: 2025-11-03 21:33
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

ASoC: imx-card: Add NULL check in imx_card_probe()

devm_kasprintf() returns NULL when memory allocation fails. Currently, imx_card_probe() does not check for this case, which results in a NULL pointer dereference.

Add NULL check after devm_kasprintf() to prevent this issue.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-22066"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-16T15:16:00Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: imx-card: Add NULL check in imx_card_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nimx_card_probe() does not check for this case, which results in a NULL\npointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
  "id": "GHSA-xpqh-2w77-cvcv",
  "modified": "2025-11-03T21:33:36Z",
  "published": "2025-04-16T15:34:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22066"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/018e6cf2503e60087747b0ebc190e18b3640766f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/38253922a89a742e7e622f626b41c64388367361"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4d8458e48ff135bddc402ad79821dc058ea163d0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/93d34608fd162f725172e780b1c60cc93a920719"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b01700e08be99e3842570142ec5973ccd7e73eaf"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/dd2bbb9564d0d24a2643ad90008a79840368c4b4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e283a5bf4337a7300ac5e6ae363cc8b242a0b4b7"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XPV8-33XP-MJF2

Vulnerability from github – Published: 2022-05-14 00:54 – Updated: 2022-05-14 00:54
VLAI
Details

Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-19607"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-11-27T07:29:00Z",
    "severity": "MODERATE"
  },
  "details": "Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.",
  "id": "GHSA-xpv8-33xp-mjf2",
  "modified": "2022-05-14T00:54:45Z",
  "published": "2022-05-14T00:54:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19607"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Exiv2/exiv2/issues/561"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:2101"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-56
Implementation

For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].

Mitigation
Requirements

Select a programming language that is not susceptible to these issues.

Mitigation
Implementation

Check the results of all functions that return a value and verify that the value is non-null before acting upon it.

Mitigation
Architecture and Design

Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.

Mitigation
Implementation

Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.

No CAPEC attack patterns related to this CWE.