CWE-476
AllowedNULL Pointer Dereference
Abstraction: Base · Status: Stable
The product dereferences a pointer that it expects to be valid but is NULL.
6310 vulnerabilities reference this CWE, most recent first.
GHSA-PM5P-FF9Q-6V54
Vulnerability from github – Published: 2023-09-01 21:30 – Updated: 2024-04-04 07:22Catdoc v0.95 was discovered to contain a NULL pointer dereference via the component xls2csv at src/fileutil.c.
{
"affected": [],
"aliases": [
"CVE-2023-41633"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-01T19:15:43Z",
"severity": "MODERATE"
},
"details": "Catdoc v0.95 was discovered to contain a NULL pointer dereference via the component xls2csv at src/fileutil.c.",
"id": "GHSA-pm5p-ff9q-6v54",
"modified": "2024-04-04T07:22:14Z",
"published": "2023-09-01T21:30:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-41633"
},
{
"type": "WEB",
"url": "https://gist.github.com/rycbar77/3da455382f88cfb6d6798572f34378bd"
},
{
"type": "WEB",
"url": "https://rycbar77.github.io/2023/08/29/catdoc-0-95-nullptr-dereference"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PM82-478G-GQ88
Vulnerability from github – Published: 2023-12-14 06:30 – Updated: 2025-11-04 21:30An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. A NULL pointer dereference leads to denial of service. The fixed versions are 22.05.11, 23.02.7, and 23.11.1.
{
"affected": [],
"aliases": [
"CVE-2023-49936"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-12-14T05:15:10Z",
"severity": "HIGH"
},
"details": "An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. A NULL pointer dereference leads to denial of service. The fixed versions are 22.05.11, 23.02.7, and 23.11.1.",
"id": "GHSA-pm82-478g-gq88",
"modified": "2025-11-04T21:30:52Z",
"published": "2023-12-14T06:30:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49936"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63FEDDYEE2WK7FHWBHKON3OZVQI56WSQ"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AYQS3LFGC4HE4WCW4L3NAA2I6FRIWMNO"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63FEDDYEE2WK7FHWBHKON3OZVQI56WSQ"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYQS3LFGC4HE4WCW4L3NAA2I6FRIWMNO"
},
{
"type": "WEB",
"url": "https://lists.schedmd.com/pipermail/slurm-announce/2023/000103.html"
},
{
"type": "WEB",
"url": "https://www.schedmd.com/security-archive.php"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PM88-9XJW-GHXF
Vulnerability from github – Published: 2026-06-15 21:30 – Updated: 2026-06-15 21:30A segmentation violation in the Track_SetStreamDescriptor function (isomedia/track.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
{
"affected": [],
"aliases": [
"CVE-2025-55663"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-15T20:16:24Z",
"severity": "MODERATE"
},
"details": "A segmentation violation in the Track_SetStreamDescriptor function (isomedia/track.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.",
"id": "GHSA-pm88-9xjw-ghxf",
"modified": "2026-06-15T21:30:37Z",
"published": "2026-06-15T21:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55663"
},
{
"type": "WEB",
"url": "https://infosec.exchange/@sigdevel/116733899601128471"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2026/06/13/14"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PMFG-QV3M-CHQH
Vulnerability from github – Published: 2022-05-24 19:10 – Updated: 2022-05-24 19:10The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service (NULL pointer dereference in the radiotap parser) by injecting a frame with 802.11a rates.
{
"affected": [],
"aliases": [
"CVE-2021-38206"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-08T20:15:00Z",
"severity": "MODERATE"
},
"details": "The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service (NULL pointer dereference in the radiotap parser) by injecting a frame with 802.11a rates.",
"id": "GHSA-pmfg-qv3m-chqh",
"modified": "2022-05-24T19:10:23Z",
"published": "2022-05-24T19:10:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38206"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/bddc0c411a45d3718ac535a070f349be8eca8d48"
},
{
"type": "WEB",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.13"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-PMMH-7PM7-HC62
Vulnerability from github – Published: 2024-05-21 15:31 – Updated: 2024-12-30 21:30In the Linux kernel, the following vulnerability has been resolved:
regulator: rt4801: Fix NULL pointer dereference if priv->enable_gpios is NULL
devm_gpiod_get_array_optional may return NULL if no GPIO was assigned.
{
"affected": [],
"aliases": [
"CVE-2021-47233"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-21T15:15:12Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: rt4801: Fix NULL pointer dereference if priv-\u003eenable_gpios is NULL\n\ndevm_gpiod_get_array_optional may return NULL if no GPIO was assigned.",
"id": "GHSA-pmmh-7pm7-hc62",
"modified": "2024-12-30T21:30:45Z",
"published": "2024-05-21T15:31:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47233"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ba8a26a7ce8617f9f3d6230de34b2302df086b41"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cb2381cbecb81a8893b2d1e1af29bc2e5531df27"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/dc68f0c9e4a001e02376fe87f4bdcacadb27e8a1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PMP5-RW9V-RGV5
Vulnerability from github – Published: 2022-05-14 03:52 – Updated: 2025-04-20 03:47dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles NULL files in a .debug_line file table, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename. NOTE: this issue is caused by an incomplete fix for CVE-2017-15023.
{
"affected": [],
"aliases": [
"CVE-2017-15939"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-10-27T21:29:00Z",
"severity": "MODERATE"
},
"details": "dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles NULL files in a .debug_line file table, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename. NOTE: this issue is caused by an incomplete fix for CVE-2017-15023.",
"id": "GHSA-pmp5-rw9v-rgv5",
"modified": "2025-04-20T03:47:48Z",
"published": "2022-05-14T03:52:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15939"
},
{
"type": "WEB",
"url": "https://blogs.gentoo.org/ago/2017/10/24/binutils-null-pointer-dereference-in-concat_filename-dwarf2-c-incomplete-fix-for-cve-2017-15023"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201801-01"
},
{
"type": "WEB",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22205"
},
{
"type": "WEB",
"url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=a54018b72d75abf2e74bf36016702da06399c1d9"
},
{
"type": "WEB",
"url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=a54018b72d75abf2e74bf36016702da06399c1d9"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/101613"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PMQ2-6662-X875
Vulnerability from github – Published: 2024-04-17 12:32 – Updated: 2024-04-29 21:30In the Linux kernel, the following vulnerability has been resolved:
x86/xen: Add some null pointer checking to smp.c
kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the pointer validity.
{
"affected": [],
"aliases": [
"CVE-2024-26908"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-17T11:15:11Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/xen: Add some null pointer checking to smp.c\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure. Ensure the allocation was successful\nby checking the pointer validity.",
"id": "GHSA-pmq2-6662-x875",
"modified": "2024-04-29T21:30:33Z",
"published": "2024-04-17T12:32:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26908"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/025a8a96c7ef3ff24a9b4753a7e851ba16f11bfc"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3693bb4465e6e32a204a5b86d3ec7e6b9f7e67c2"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/70a33a629090130d731fc1e1ad498bb672eea165"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8082bccb7ac480ceab89b09c53d20c78ae54f9fa"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a9bbb05c0c04b49a1f7f05fd03826321dca2b8d4"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d211e8128c0e2122512fa5e859316540349b54af"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/eb279074badac0bbe28749906562d648ca4bc750"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f49c513f46dc19bf01ffad2aaaf234d7f37f6799"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PMQM-G7JM-76HF
Vulnerability from github – Published: 2026-04-13 15:31 – Updated: 2026-07-14 15:31In the Linux kernel, the following vulnerability has been resolved:
net/sched: cls_fw: fix NULL pointer dereference on shared blocks
The old-method path in fw_classify() calls tcf_block_q() and dereferences q->handle. Shared blocks leave block->q NULL, causing a NULL deref when an empty cls_fw filter is attached to a shared block and a packet with a nonzero major skb mark is classified.
Reject the configuration in fw_change() when the old method (no TCA_OPTIONS) is used on a shared block, since fw_classify()'s old-method path needs block->q which is NULL for shared blocks.
The fixed null-ptr-deref calling stack: KASAN: null-ptr-deref in range [0x0000000000000038-0x000000000000003f] RIP: 0010:fw_classify (net/sched/cls_fw.c:81) Call Trace: tcf_classify (./include/net/tc_wrapper.h:197 net/sched/cls_api.c:1764 net/sched/cls_api.c:1860) tc_run (net/core/dev.c:4401) __dev_queue_xmit (net/core/dev.c:4535 net/core/dev.c:4790)
{
"affected": [],
"aliases": [
"CVE-2026-31421"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-13T14:16:11Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_fw: fix NULL pointer dereference on shared blocks\n\nThe old-method path in fw_classify() calls tcf_block_q() and\ndereferences q-\u003ehandle. Shared blocks leave block-\u003eq NULL, causing a\nNULL deref when an empty cls_fw filter is attached to a shared block\nand a packet with a nonzero major skb mark is classified.\n\nReject the configuration in fw_change() when the old method (no\nTCA_OPTIONS) is used on a shared block, since fw_classify()\u0027s\nold-method path needs block-\u003eq which is NULL for shared blocks.\n\nThe fixed null-ptr-deref calling stack:\n KASAN: null-ptr-deref in range [0x0000000000000038-0x000000000000003f]\n RIP: 0010:fw_classify (net/sched/cls_fw.c:81)\n Call Trace:\n tcf_classify (./include/net/tc_wrapper.h:197 net/sched/cls_api.c:1764 net/sched/cls_api.c:1860)\n tc_run (net/core/dev.c:4401)\n __dev_queue_xmit (net/core/dev.c:4535 net/core/dev.c:4790)",
"id": "GHSA-pmqm-g7jm-76hf",
"modified": "2026-07-14T15:31:51Z",
"published": "2026-04-13T15:31:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31421"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-019113.html"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/18328eff2f97d1a6adcdb6d4a0f42f2f83a31e28"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3cb055df9e8625ce699a259d8178d67b37f2b160"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3d41f9a314afa94b1c7c7c75405920123220e8cd"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5cf41031922c154aa5ccda8bcdb0f5e6226582ec"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/96426c348def662b06bfdc65be3002905604927a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d6d5bd62a09650856e1e2010eb09853eba0d64e1"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/faeea8bbf6e958bf3c00cb08263109661975987c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/febf64ca79a2d6540ab6e5e197fa0f4f7e84473e"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PMRX-2GV3-HV52
Vulnerability from github – Published: 2024-05-21 15:31 – Updated: 2024-12-24 18:30In the Linux kernel, the following vulnerability has been resolved:
ALSA: usx2y: Don't call free_pages_exact() with NULL address
Unlike some other functions, we can't pass NULL pointer to free_pages_exact(). Add a proper NULL check for avoiding possible Oops.
{
"affected": [],
"aliases": [
"CVE-2021-47332"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-21T15:15:20Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usx2y: Don\u0027t call free_pages_exact() with NULL address\n\nUnlike some other functions, we can\u0027t pass NULL pointer to\nfree_pages_exact(). Add a proper NULL check for avoiding possible\nOops.",
"id": "GHSA-pmrx-2gv3-hv52",
"modified": "2024-12-24T18:30:48Z",
"published": "2024-05-21T15:31:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47332"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7d7f30cf182e55023fa8fde4c084b2d37c6be69d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/82e5ee742fdd8874fe996181b87fafe1eb5f1196"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/88262229b778f4f7a896da828d966f94dcb35d19"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/bee295f5e03510252d18b25cc1d26230256eb87a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cae0cf651adccee2c3f376e78f30fbd788d0829f"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PMX4-MGJ6-5FC6
Vulnerability from github – Published: 2022-05-14 03:37 – Updated: 2025-04-20 03:46security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192.
{
"affected": [],
"aliases": [
"CVE-2017-15274"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-10-12T00:29:00Z",
"severity": "MODERATE"
},
"details": "security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192.",
"id": "GHSA-pmx4-mgj6-5fc6",
"modified": "2025-04-20T03:46:38Z",
"published": "2022-05-14T03:37:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15274"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/5649645d725c73df4302428ee4e02c869248b4c5"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:1946"
},
{
"type": "WEB",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1045327"
},
{
"type": "WEB",
"url": "https://patchwork.kernel.org/patch/9781573"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3583-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3583-2"
},
{
"type": "WEB",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5649645d725c73df4302428ee4e02c869248b4c5"
},
{
"type": "WEB",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/101292"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-56
For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].
Mitigation
Select a programming language that is not susceptible to these issues.
Mitigation
Check the results of all functions that return a value and verify that the value is non-null before acting upon it.
Mitigation
Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Mitigation
Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.
No CAPEC attack patterns related to this CWE.