Common Weakness Enumeration

CWE-476

Allowed

NULL Pointer Dereference

Abstraction: Base · Status: Stable

The product dereferences a pointer that it expects to be valid but is NULL.

6310 vulnerabilities reference this CWE, most recent first.

GHSA-JMG9-4PFX-XJ2H

Vulnerability from github – Published: 2025-04-09 21:31 – Updated: 2025-04-09 21:31
VLAI
Details

A NULL Pointer Dereference vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an attacker causing specific, valid control traffic to be sent out of a Dual-Stack (DS) Lite tunnel to crash the flowd process, resulting in a Denial of Service (DoS).  Continuous triggering of specific control traffic will create a sustained Denial of Service (DoS) condition.

On all SRX platforms, when specific, valid control traffic needs to be sent out of a DS-Lite tunnel, a segmentation fault occurs within the flowd process, resulting in a network outage until the flowd process restarts.

This issue affects Junos OS on SRX Series: * All versions before 21.2R3-S9, * from 21.4 before 21.4R3-S9, * from 22.2 before 22.2R3-S5, * from 22.4 before 22.4R3-S6, * from 23.2 before 23.2R2-S3, * from 23.4 before 23.4R2.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-30645"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-09T20:15:27Z",
    "severity": "HIGH"
  },
  "details": "A NULL Pointer Dereference vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an attacker causing specific, valid control traffic to be sent out of a Dual-Stack (DS) Lite tunnel to crash the flowd process, resulting in a Denial of Service (DoS).\u00a0 Continuous triggering of specific control traffic will create a sustained Denial of Service (DoS) condition.\n\nOn all SRX platforms, when specific, valid control traffic needs to be sent out of a DS-Lite tunnel, a segmentation fault occurs within the flowd process, resulting in a network outage until the flowd process restarts.\n\nThis issue affects Junos OS on SRX Series: \n  *  All versions before 21.2R3-S9, \n  *  from 21.4 before 21.4R3-S9, \n  *  from 22.2 before 22.2R3-S5, \n  *  from 22.4 before 22.4R3-S6, \n  *  from 23.2 before 23.2R2-S3, \n  *  from 23.4 before 23.4R2.",
  "id": "GHSA-jmg9-4pfx-xj2h",
  "modified": "2025-04-09T21:31:43Z",
  "published": "2025-04-09T21:31:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30645"
    },
    {
      "type": "WEB",
      "url": "https://supportportal.juniper.net/JSA96455"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:C/RE:M/U:Green",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-JMGJ-8Q9J-9228

Vulnerability from github – Published: 2022-05-14 03:20 – Updated: 2022-05-14 03:20
VLAI
Details

NVIDIA GPU Display Driver contains a vulnerability in kernel mode layer handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-6249"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-04-02T16:29:00Z",
    "severity": "HIGH"
  },
  "details": "NVIDIA GPU Display Driver contains a vulnerability in kernel mode layer handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges.",
  "id": "GHSA-jmgj-8q9j-9228",
  "modified": "2022-05-14T03:20:48Z",
  "published": "2022-05-14T03:20:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6249"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3662-1"
    },
    {
      "type": "WEB",
      "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4649"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JMH4-57FC-8HV9

Vulnerability from github – Published: 2026-01-13 21:31 – Updated: 2026-01-13 21:31
VLAI
Details

Substance3D - Modeler versions 1.22.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-21300"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-13T21:15:53Z",
    "severity": "MODERATE"
  },
  "details": "Substance3D - Modeler versions 1.22.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
  "id": "GHSA-jmh4-57fc-8hv9",
  "modified": "2026-01-13T21:31:46Z",
  "published": "2026-01-13T21:31:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21300"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/substance3d-modeler/apsb26-08.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JMHQ-85WQ-82M7

Vulnerability from github – Published: 2022-05-13 01:41 – Updated: 2022-05-13 01:41
VLAI
Details

Controller throws an exception and does not allow user to add subsequent flow for a particular switch. Component: OpenDaylight odl-restconf feature contains this flaw. Version: OpenDaylight 4.0 is affected by this flaw.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-1000358"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-04-24T16:59:00Z",
    "severity": "MODERATE"
  },
  "details": "Controller throws an exception and does not allow user to add subsequent flow for a particular switch. Component: OpenDaylight odl-restconf feature contains this flaw. Version: OpenDaylight 4.0 is affected by this flaw.",
  "id": "GHSA-jmhq-85wq-82m7",
  "modified": "2022-05-13T01:41:12Z",
  "published": "2022-05-13T01:41:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000358"
    },
    {
      "type": "WEB",
      "url": "https://aaltodoc.aalto.fi/bitstream/handle/123456789/21584/master_Bidaj_Andi_2016.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JMPH-Q368-7WW2

Vulnerability from github – Published: 2022-05-13 01:16 – Updated: 2022-05-13 01:16
VLAI
Details

The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-10323"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-04-24T06:29:00Z",
    "severity": "MODERATE"
  },
  "details": "The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image.",
  "id": "GHSA-jmph-q368-7ww2",
  "modified": "2022-05-13T01:16:29Z",
  "published": "2022-05-13T01:16:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10323"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.kernel.org/show_bug.cgi?id=199423"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3752-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3752-2"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3752-3"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3754-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4486-1"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2018/dsa-4188"
    },
    {
      "type": "WEB",
      "url": "https://www.spinics.net/lists/linux-xfs/msg17254.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/103959"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JMR3-72F3-J452

Vulnerability from github – Published: 2022-05-14 01:20 – Updated: 2022-05-14 01:20
VLAI
Details

In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine() function in GfxState.cc via a crafted PDF document.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-15565"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-10-17T22:29:00Z",
    "severity": "HIGH"
  },
  "details": "In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine() function in GfxState.cc via a crafted PDF document.",
  "id": "GHSA-jmr3-72f3-j452",
  "modified": "2022-05-14T01:20:24Z",
  "published": "2022-05-14T01:20:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15565"
    },
    {
      "type": "WEB",
      "url": "https://bugs.freedesktop.org/show_bug.cgi?id=103016"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2018/dsa-4079"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JMR6-PW55-Q334

Vulnerability from github – Published: 2022-05-17 00:53 – Updated: 2025-04-20 03:35
VLAI
Details

elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a "member access within null pointer" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an "int main() {return 0;}" program.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-7614"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-04-09T14:59:00Z",
    "severity": "CRITICAL"
  },
  "details": "elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a \"member access within null pointer\" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an \"int main() {return 0;}\" program.",
  "id": "GHSA-jmr6-pw55-q334",
  "modified": "2025-04-20T03:35:38Z",
  "published": "2022-05-17T00:53:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7614"
    },
    {
      "type": "WEB",
      "url": "https://blogs.gentoo.org/ago/2017/04/05/binutils-two-null-pointer-dereference-in-elflink-c"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201709-02"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JMR7-MPGF-JGRJ

Vulnerability from github – Published: 2022-05-17 00:12 – Updated: 2022-05-17 00:12
VLAI
Details

K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x95002574 DeviceIoControl request.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-17465"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-12-08T05:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x95002574 DeviceIoControl request.",
  "id": "GHSA-jmr7-mpgf-jgrj",
  "modified": "2022-05-17T00:12:30Z",
  "published": "2022-05-17T00:12:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17465"
    },
    {
      "type": "WEB",
      "url": "https://github.com/k0keoyo/Driver-Loaded-PoC/tree/master/K7-Antivirus/K7Anti_Nullptr_Dereference_0x95002574"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JMRP-224Q-PH39

Vulnerability from github – Published: 2024-05-01 06:31 – Updated: 2025-09-18 15:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Add a dc_state NULL check in dc_state_release

[How] Check wheather state is NULL before releasing it.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-26948"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-01T06:15:10Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add a dc_state NULL check in dc_state_release\n\n[How]\nCheck wheather state is NULL before releasing it.",
  "id": "GHSA-jmrp-224q-ph39",
  "modified": "2025-09-18T15:30:21Z",
  "published": "2024-05-01T06:31:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26948"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/334b56cea5d9df5989be6cf1a5898114fa70ad98"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d37a08f840485995e3fb91dad95e441b9d28a269"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JMRP-7793-GXC2

Vulnerability from github – Published: 2024-05-21 18:31 – Updated: 2024-07-03 18:42
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

drm: bridge: it66121: Fix invalid connector dereference

Fix the NULL pointer dereference when no monitor is connected, and the sound card is opened from userspace.

Instead return an empty buffer (of zeroes) as the EDID information to the sound framework if there is no connector attached.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-52861"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-21T16:15:23Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: bridge: it66121: Fix invalid connector dereference\n\nFix the NULL pointer dereference when no monitor is connected, and the\nsound card is opened from userspace.\n\nInstead return an empty buffer (of zeroes) as the EDID information to\nthe sound framework if there is no connector attached.",
  "id": "GHSA-jmrp-7793-gxc2",
  "modified": "2024-07-03T18:42:58Z",
  "published": "2024-05-21T18:31:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52861"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1374561a7cbc9a000b77bb0473bb2c19daf18d86"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1669d7b21a664aa531856ce85b01359a376baebc"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2c80c4f0d2845645f41cbb7c9304c8efbdbd4331"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d0375f6858c4ff7244b62b02eb5e93428e1916cd"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-56
Implementation

For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].

Mitigation
Requirements

Select a programming language that is not susceptible to these issues.

Mitigation
Implementation

Check the results of all functions that return a value and verify that the value is non-null before acting upon it.

Mitigation
Architecture and Design

Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.

Mitigation
Implementation

Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.

No CAPEC attack patterns related to this CWE.