Common Weakness Enumeration

CWE-476

Allowed

NULL Pointer Dereference

Abstraction: Base · Status: Stable

The product dereferences a pointer that it expects to be valid but is NULL.

6310 vulnerabilities reference this CWE, most recent first.

GHSA-HF5W-7G55-WH36

Vulnerability from github – Published: 2025-04-01 18:30 – Updated: 2025-11-03 21:33
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

usb: renesas_usbhs: Flush the notify_hotplug_work

When performing continuous unbind/bind operations on the USB drivers available on the Renesas RZ/G2L SoC, a kernel crash with the message "Unable to handle kernel NULL pointer dereference at virtual address" may occur. This issue points to the usbhsc_notify_hotplug() function.

Flush the delayed work to avoid its execution when driver resources are unavailable.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-21917"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-01T16:15:22Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: renesas_usbhs: Flush the notify_hotplug_work\n\nWhen performing continuous unbind/bind operations on the USB drivers\navailable on the Renesas RZ/G2L SoC, a kernel crash with the message\n\"Unable to handle kernel NULL pointer dereference at virtual address\"\nmay occur. This issue points to the usbhsc_notify_hotplug() function.\n\nFlush the delayed work to avoid its execution when driver resources are\nunavailable.",
  "id": "GHSA-hf5w-7g55-wh36",
  "modified": "2025-11-03T21:33:22Z",
  "published": "2025-04-01T18:30:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21917"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3248c1f833f924246cb98ce7da4569133c1b2292"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/394965f90454d6f00fe11879142b720c6c1a872e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4ca078084cdd5f32d533311d6a0b63a60dcadd41"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4cd847a7b630a85493d0294ad9542c21aafaa246"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/552ca6b87e3778f3dd5b87842f95138162e16c82"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/830818c8e70c0364e377f0c243b28061ef7967eb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d50f5c0cd949593eb9a3d822b34d7b50046a06b7"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e5aac1c9b2974636db7ce796ffa6de88fa08335e"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HF73-7QVC-M78V

Vulnerability from github – Published: 2026-04-13 18:30 – Updated: 2026-04-13 21:30
VLAI
Details

A NULL pointer dereference in Nitro PDF Pro for Windows v14.41.1.4 allows attackers to cause a Denial of Service (DoS) via a crafted XFA packet.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-66769"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-13T16:16:24Z",
    "severity": "HIGH"
  },
  "details": "A NULL pointer dereference in Nitro PDF Pro for Windows v14.41.1.4 allows attackers to cause a Denial of Service (DoS) via a crafted XFA packet.",
  "id": "GHSA-hf73-7qvc-m78v",
  "modified": "2026-04-13T21:30:43Z",
  "published": "2026-04-13T18:30:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66769"
    },
    {
      "type": "WEB",
      "url": "https://jeroscope.com/advisories/2025/jero-2025-015"
    },
    {
      "type": "WEB",
      "url": "https://www.gonitro.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HFCH-PVJ6-JWPC

Vulnerability from github – Published: 2025-09-16 18:31 – Updated: 2025-12-02 00:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host()

mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deleting not added device in the remove path.

So fix this by checking the return value and calling mmc_free_host() in the error path, besides, led_classdev_unregister() and pm_runtime_disable() also need be called.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-50347"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-16T17:15:34Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host()\n\nmmc_add_host() may return error, if we ignore its return value, the memory\nthat allocated in mmc_alloc_host() will be leaked and it will lead a kernel\ncrash because of deleting not added device in the remove path.\n\nSo fix this by checking the return value and calling mmc_free_host() in the\nerror path, besides, led_classdev_unregister() and pm_runtime_disable() also\nneed be called.",
  "id": "GHSA-hfch-pvj6-jwpc",
  "modified": "2025-12-02T00:31:10Z",
  "published": "2025-09-16T18:31:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50347"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1491667d5450778a265eddddd294219acfd648cb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7fa922c7a3dd623fd59f1af50e8896fd9ca7f654"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/89303ddbb502c3bc8edbf864f9f85500c8fe07e9"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/937112e991ed25d1727d878734adcbef3b900274"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a522e26a20a43dcfbef9ee9f71ed803290e852b0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d7ad7278be401b09c9f9a9f522cf4c449c7fd489"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/df683201c7ffbd21a806a7cad657b661c5ebfb6f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e598c9683fe1cf97c2b11b800cc3cee072108220"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fc38a5a10e9e5a75eb9189854abeb8405b214cc9"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HFCX-W85R-5686

Vulnerability from github – Published: 2025-03-10 21:31 – Updated: 2025-03-10 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

media: venus: hfi: avoid null dereference in deinit

If venus_probe fails at pm_runtime_put_sync the error handling first calls hfi_destroy and afterwards hfi_core_deinit. As hfi_destroy sets core->ops to NULL, hfi_core_deinit cannot call the core_deinit function anymore.

Avoid this null pointer derefence by skipping the call when necessary.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-49527"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-26T07:01:28Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: avoid null dereference in deinit\n\nIf venus_probe fails at pm_runtime_put_sync the error handling first\ncalls hfi_destroy and afterwards hfi_core_deinit. As hfi_destroy sets\ncore-\u003eops to NULL, hfi_core_deinit cannot call the core_deinit function\nanymore.\n\nAvoid this null pointer derefence by skipping the call when necessary.",
  "id": "GHSA-hfcx-w85r-5686",
  "modified": "2025-03-10T21:31:09Z",
  "published": "2025-03-10T21:31:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49527"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0ac84ab50712879eac3c1dd2598440652a85d3d0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0ed5a643b1a4a46b9b7bfba5d468c10cc30e1359"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2533acb652359c9e097dfa33587896af782e8a91"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/27ad46da44177a78a4a0cae6fe03906888c61aa1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/86594f6af867b5165d2ba7b5a71fae3a5961e56c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9c385b961d4c378228e80f6abea8509cb67feab6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a21d15dde21d7e8ae047eb8368677407db45d840"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b73ed0510bb8d9647cd8e8a4c4c8772bbe545c3a"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HFF4-2PQC-F2FX

Vulnerability from github – Published: 2021-12-22 00:00 – Updated: 2021-12-28 00:01
VLAI
Details

A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_svg_get_attribute_name function, which causes a segmentation fault and application crash.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-44925"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-21T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_svg_get_attribute_name function, which causes a segmentation fault and application crash.",
  "id": "GHSA-hff4-2pqc-f2fx",
  "modified": "2021-12-28T00:01:05Z",
  "published": "2021-12-22T00:00:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44925"
    },
    {
      "type": "WEB",
      "url": "https://github.com/gpac/gpac/issues/1967"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-HFGR-J7WW-95R7

Vulnerability from github – Published: 2022-05-02 06:19 – Updated: 2025-04-11 03:33
VLAI
Details

The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service (kernel OOPS) by sending datagrams through AF_TIPC before entering network mode, which triggers a NULL pointer dereference.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2010-1187"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-03-31T18:00:00Z",
    "severity": "MODERATE"
  },
  "details": "The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service (kernel OOPS) by sending datagrams through AF_TIPC before entering network mode, which triggers a NULL pointer dereference.",
  "id": "GHSA-hfgr-j7ww-95r7",
  "modified": "2025-04-11T03:33:11Z",
  "published": "2022-05-02T06:19:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1187"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=578057"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9832"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commitdiff%3Bh=d0021b252eaf65ca07ed14f0d66425dd9ccab9a6%3Bhp=6d55cb91a0020ac0d78edcad61efd6c8cf5785a3"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commitdiff;h=d0021b252eaf65ca07ed14f0d66425dd9ccab9a6;hp=6d55cb91a0020ac0d78edcad61efd6c8cf5785a3"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/39830"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43315"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2010/dsa-2053"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2010/03/30/1"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2010/03/31/1"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/39120"
    },
    {
      "type": "WEB",
      "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-HFHW-H84G-5F8P

Vulnerability from github – Published: 2022-05-17 00:20 – Updated: 2022-05-17 00:20
VLAI
Details

The Node_GetData function in corec/corec/node/node.c in mkvalidator 0.5.1 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-12779"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-11-10T02:29:00Z",
    "severity": "MODERATE"
  },
  "details": "The Node_GetData function in corec/corec/node/node.c in mkvalidator 0.5.1 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file.",
  "id": "GHSA-hfhw-h84g-5f8p",
  "modified": "2022-05-17T00:20:54Z",
  "published": "2022-05-17T00:20:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12779"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Matroska-Org/foundation-source/issues/24"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/144902/mkvalidator-0.5.1-Denial-Of-Service.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2017/Nov/19"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HFJ5-Q228-92R2

Vulnerability from github – Published: 2025-05-01 15:31 – Updated: 2025-11-03 21:33
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered

Russell King reports that a system with mv88e6xxx dereferences a NULL pointer when unbinding this driver: https://lore.kernel.org/netdev/Z_lRkMlTJ1KQ0kVX@shell.armlinux.org.uk/

The crash seems to be in devlink_region_destroy(), which is not NULL tolerant but is given a NULL devlink global region pointer.

At least on some chips, some devlink regions are conditionally registered since the blamed commit, see mv88e6xxx_setup_devlink_regions_global():

    if (cond && !cond(chip))
        continue;

These are MV88E6XXX_REGION_STU and MV88E6XXX_REGION_PVT. If the chip does not have an STU or PVT, it should crash like this.

To fix the issue, avoid unregistering those regions which are NULL, i.e. were skipped at mv88e6xxx_setup_devlink_regions_global() time.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-37787"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-01T14:15:43Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered\n\nRussell King reports that a system with mv88e6xxx dereferences a NULL\npointer when unbinding this driver:\nhttps://lore.kernel.org/netdev/Z_lRkMlTJ1KQ0kVX@shell.armlinux.org.uk/\n\nThe crash seems to be in devlink_region_destroy(), which is not NULL\ntolerant but is given a NULL devlink global region pointer.\n\nAt least on some chips, some devlink regions are conditionally registered\nsince the blamed commit, see mv88e6xxx_setup_devlink_regions_global():\n\n\t\tif (cond \u0026\u0026 !cond(chip))\n\t\t\tcontinue;\n\nThese are MV88E6XXX_REGION_STU and MV88E6XXX_REGION_PVT. If the chip\ndoes not have an STU or PVT, it should crash like this.\n\nTo fix the issue, avoid unregistering those regions which are NULL, i.e.\nwere skipped at mv88e6xxx_setup_devlink_regions_global() time.",
  "id": "GHSA-hfj5-q228-92r2",
  "modified": "2025-11-03T21:33:46Z",
  "published": "2025-05-01T15:31:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37787"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3665695e3572239dc233216f06b41f40cc771889"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5f5e95945bb1e08be7655da6acba648274db457d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8ccdf5e24b276848eefb2755e05ff0f005a0c4a1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b3c70dfe51f10df60db2646c08cebd24bcdc5247"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bbb80f004f7a90c3dcaacc982c59967457254a05"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c84f6ce918a9e6f4996597cbc62536bbf2247c96"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HFQ6-5GVF-HM89

Vulnerability from github – Published: 2025-01-28 00:32 – Updated: 2026-04-02 21:32
VLAI
Details

A null pointer dereference was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.3, iOS 18.3 and iPadOS 18.3. A remote attacker may be able to cause a denial-of-service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-24177"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-27T22:15:20Z",
    "severity": "HIGH"
  },
  "details": "A null pointer dereference was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.3, iOS 18.3 and iPadOS 18.3. A remote attacker may be able to cause a denial-of-service.",
  "id": "GHSA-hfq6-5gvf-hm89",
  "modified": "2026-04-02T21:32:10Z",
  "published": "2025-01-28T00:32:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24177"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/122066"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/122068"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/122372"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/122374"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/122375"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2025/Jan/13"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2025/Jan/15"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HFV5-X979-RCPR

Vulnerability from github – Published: 2022-04-16 00:00 – Updated: 2022-04-23 00:03
VLAI
Details

An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of NULL checks in calls to ious_open in sr_unix/ious_open.c allows attackers to crash the application by dereferencing a NULL pointer.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-44487"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-04-15T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of NULL checks in calls to ious_open in sr_unix/ious_open.c allows attackers to crash the application by dereferencing a NULL pointer.",
  "id": "GHSA-hfv5-x979-rcpr",
  "modified": "2022-04-23T00:03:17Z",
  "published": "2022-04-16T00:00:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44487"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/YottaDB/DB/YDB/-/issues/828"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-56
Implementation

For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].

Mitigation
Requirements

Select a programming language that is not susceptible to these issues.

Mitigation
Implementation

Check the results of all functions that return a value and verify that the value is non-null before acting upon it.

Mitigation
Architecture and Design

Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.

Mitigation
Implementation

Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.

No CAPEC attack patterns related to this CWE.