CWE-476
AllowedNULL Pointer Dereference
Abstraction: Base · Status: Stable
The product dereferences a pointer that it expects to be valid but is NULL.
6310 vulnerabilities reference this CWE, most recent first.
GHSA-QPPW-2696-658W
Vulnerability from github – Published: 2024-05-01 06:31 – Updated: 2024-06-26 00:31In the Linux kernel, the following vulnerability has been resolved:
serial: max310x: fix NULL pointer dereference in I2C instantiation
When trying to instantiate a max14830 device from userspace:
echo max14830 0x60 > /sys/bus/i2c/devices/i2c-2/new_device
we get the following error:
Unable to handle kernel NULL pointer dereference at virtual address...
...
Call trace:
max310x_i2c_probe+0x48/0x170 [max310x]
i2c_device_probe+0x150/0x2a0
...
Add check for validity of devtype to prevent the error, and abort probe with a meaningful error message.
{
"affected": [],
"aliases": [
"CVE-2024-26978"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-01T06:15:15Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: max310x: fix NULL pointer dereference in I2C instantiation\n\nWhen trying to instantiate a max14830 device from userspace:\n\n echo max14830 0x60 \u003e /sys/bus/i2c/devices/i2c-2/new_device\n\nwe get the following error:\n\n Unable to handle kernel NULL pointer dereference at virtual address...\n ...\n Call trace:\n max310x_i2c_probe+0x48/0x170 [max310x]\n i2c_device_probe+0x150/0x2a0\n ...\n\nAdd check for validity of devtype to prevent the error, and abort probe\nwith a meaningful error message.",
"id": "GHSA-qppw-2696-658w",
"modified": "2024-06-26T00:31:39Z",
"published": "2024-05-01T06:31:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26978"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0d27056c24efd3d63a03f3edfbcfc4827086b110"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/12609c76b755dbeb1645c0aacc0f0f4743b2eff3"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2160ad6861c4a21d3fa553d7b2aaec6634a37f8a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5cd8af02b466e1beeae13e2de3dc58fcc7925e5a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7d271b798add90c6196539167c019d0817285cf0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/aeca49661fd02fd56fb026768b580ce301b45733"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c45e53c27b78afd6c81fc25608003576f27b5735"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QPPW-C37G-XWCC
Vulnerability from github – Published: 2024-01-03 09:30 – Updated: 2024-11-22 20:22Nullptr dereference in paddle.crop in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "PaddlePaddle"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.6.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-52312"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": true,
"github_reviewed_at": "2024-01-03T22:02:40Z",
"nvd_published_at": "2024-01-03T09:15:10Z",
"severity": "MODERATE"
},
"details": "Nullptr dereference in paddle.crop\u00a0in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.\n\n\n\n",
"id": "GHSA-qppw-c37g-xwcc",
"modified": "2024-11-22T20:22:49Z",
"published": "2024-01-03T09:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52312"
},
{
"type": "WEB",
"url": "https://github.com/PaddlePaddle/Paddle/commit/488a0ddc322b24659b6b0067fea3030d2f013cf4"
},
{
"type": "PACKAGE",
"url": "https://github.com/PaddlePaddle/Paddle"
},
{
"type": "WEB",
"url": "https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-021.md"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/paddlepaddle/PYSEC-2024-144.yaml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L",
"type": "CVSS_V3"
}
],
"summary": "PaddlePaddle nullptr dereference in paddle.crop"
}
GHSA-QPW7-WX2F-6GC3
Vulnerability from github – Published: 2022-05-24 19:10 – Updated: 2022-05-24 19:10In CODESYS Gateway V3 before 3.5.17.10, there is a NULL Pointer Dereference. Crafted communication requests may cause a Null pointer dereference in the affected CODESYS products and may result in a denial-of-service condition.
{
"affected": [],
"aliases": [
"CVE-2021-36764"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-04T14:15:00Z",
"severity": "HIGH"
},
"details": "In CODESYS Gateway V3 before 3.5.17.10, there is a NULL Pointer Dereference. Crafted communication requests may cause a Null pointer dereference in the affected CODESYS products and may result in a denial-of-service condition.",
"id": "GHSA-qpw7-wx2f-6gc3",
"modified": "2022-05-24T19:10:00Z",
"published": "2022-05-24T19:10:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36764"
},
{
"type": "WEB",
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=16804\u0026token=d8c89c887979b22fdfc9fd5c3aa3804bbb1ddbff\u0026download="
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-QPWF-M697-V547
Vulnerability from github – Published: 2025-03-12 12:30 – Updated: 2026-07-14 15:31In the Linux kernel, the following vulnerability has been resolved:
tcp: drop secpath at the same time as we currently drop dst
Xiumei reported hitting the WARN in xfrm6_tunnel_net_exit while running tests that boil down to: - create a pair of netns - run a basic TCP test over ipcomp6 - delete the pair of netns
The xfrm_state found on spi_byaddr was not deleted at the time we delete the netns, because we still have a reference on it. This lingering reference comes from a secpath (which holds a ref on the xfrm_state), which is still attached to an skb. This skb is not leaked, it ends up on sk_receive_queue and then gets defer-free'd by skb_attempt_defer_free.
The problem happens when we defer freeing an skb (push it on one CPU's defer_list), and don't flush that list before the netns is deleted. In that case, we still have a reference on the xfrm_state that we don't expect at this point.
We already drop the skb's dst in the TCP receive path when it's no longer needed, so let's also drop the secpath. At this point, tcp_filter has already called into the LSM hooks that may require the secpath, so it should not be needed anymore. However, in some of those places, the MPTCP extension has just been attached to the skb, so we cannot simply drop all extensions.
{
"affected": [],
"aliases": [
"CVE-2025-21864"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-12T10:15:19Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: drop secpath at the same time as we currently drop dst\n\nXiumei reported hitting the WARN in xfrm6_tunnel_net_exit while\nrunning tests that boil down to:\n - create a pair of netns\n - run a basic TCP test over ipcomp6\n - delete the pair of netns\n\nThe xfrm_state found on spi_byaddr was not deleted at the time we\ndelete the netns, because we still have a reference on it. This\nlingering reference comes from a secpath (which holds a ref on the\nxfrm_state), which is still attached to an skb. This skb is not\nleaked, it ends up on sk_receive_queue and then gets defer-free\u0027d by\nskb_attempt_defer_free.\n\nThe problem happens when we defer freeing an skb (push it on one CPU\u0027s\ndefer_list), and don\u0027t flush that list before the netns is deleted. In\nthat case, we still have a reference on the xfrm_state that we don\u0027t\nexpect at this point.\n\nWe already drop the skb\u0027s dst in the TCP receive path when it\u0027s no\nlonger needed, so let\u0027s also drop the secpath. At this point,\ntcp_filter has already called into the LSM hooks that may require the\nsecpath, so it should not be needed anymore. However, in some of those\nplaces, the MPTCP extension has just been attached to the skb, so we\ncannot simply drop all extensions.",
"id": "GHSA-qpwf-m697-v547",
"modified": "2026-07-14T15:31:19Z",
"published": "2025-03-12T12:30:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21864"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-019113.html"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/69cafd9413084cd5012cf5d7c7ec6f3d493726d9"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/87858bbf21da239ace300d61dd209907995c0491"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9b6412e6979f6f9e0632075f8f008937b5cd4efd"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cd34a07f744451e2ecf9005bb7d24d0b2fb83656"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f1d5e6a5e468308af7759cf5276779d3155c5e98"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QQ34-M9W6-MVQP
Vulnerability from github – Published: 2025-09-22 21:30 – Updated: 2025-09-22 21:30In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: hci_uart: add missing NULL check in h5_enqueue
Syzbot hit general protection fault in __pm_runtime_resume(). The problem was in missing NULL check.
hu->serdev can be NULL and we should not blindly pass &serdev->dev somewhere, since it will cause GPF.
{
"affected": [],
"aliases": [
"CVE-2022-49202"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-26T07:00:57Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_uart: add missing NULL check in h5_enqueue\n\nSyzbot hit general protection fault in __pm_runtime_resume(). The problem\nwas in missing NULL check.\n\nhu-\u003eserdev can be NULL and we should not blindly pass \u0026serdev-\u003edev\nsomewhere, since it will cause GPF.",
"id": "GHSA-qq34-m9w6-mvqp",
"modified": "2025-09-22T21:30:15Z",
"published": "2025-09-22T21:30:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49202"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/32cb08e958696908a9aad5e49a78d74f7e32fffb"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7235485433d290367d60ae22fcdfc565e61d42ab"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8a3896c30f542439d36303183dc96f65df8cc528"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e6b6c904c0f88588b6a3ace20e4c0d61eab124f8"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QQ4H-F4QP-WR7Q
Vulnerability from github – Published: 2025-05-02 18:31 – Updated: 2025-11-12 21:31In the Linux kernel, the following vulnerability has been resolved:
drm/ttm: Fix a NULL pointer dereference
The LRU mechanism may look up a resource in the process of being removed from an object. The locking rules here are a bit unclear but it looks currently like res->bo assignment is protected by the LRU lock, whereas bo->resource is protected by the object lock, while clearing of bo->resource is also protected by the LRU lock. This means that if we check that bo->resource points to the LRU resource under the LRU lock we should be safe. So perform that check before deciding to swap out a bo. That avoids dereferencing a NULL bo->resource in ttm_bo_swapout().
{
"affected": [],
"aliases": [
"CVE-2023-53095"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-02T16:15:28Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/ttm: Fix a NULL pointer dereference\n\nThe LRU mechanism may look up a resource in the process of being removed\nfrom an object. The locking rules here are a bit unclear but it looks\ncurrently like res-\u003ebo assignment is protected by the LRU lock, whereas\nbo-\u003eresource is protected by the object lock, while *clearing* of\nbo-\u003eresource is also protected by the LRU lock. This means that if\nwe check that bo-\u003eresource points to the LRU resource under the LRU\nlock we should be safe.\nSo perform that check before deciding to swap out a bo. That avoids\ndereferencing a NULL bo-\u003eresource in ttm_bo_swapout().",
"id": "GHSA-qq4h-f4qp-wr7q",
"modified": "2025-11-12T21:31:01Z",
"published": "2025-05-02T18:31:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53095"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9a9a8fe26751334b7739193a94eba741073b8a55"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9ba1720f6c4a0f13c3f3cb5c28132ee75555d04f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9d9b1f9f7a72d83ebf173534e76b246349f32374"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QQ6X-P5C6-GQP6
Vulnerability from github – Published: 2026-06-08 18:31 – Updated: 2026-07-08 15:31In the Linux kernel, the following vulnerability has been resolved:
staging: rtl8723bs: os_dep: avoid NULL pointer dereference in rtw_cbuf_alloc
The return value of kzalloc_flex() is used without ensuring that the allocation succeeded, and the pointer is dereferenced unconditionally.
Guard the access to the allocated structure to avoid a potential NULL pointer dereference if the allocation fails.
{
"affected": [],
"aliases": [
"CVE-2026-46305"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-08T17:16:49Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8723bs: os_dep: avoid NULL pointer dereference in rtw_cbuf_alloc\n\nThe return value of kzalloc_flex() is used without\nensuring that the allocation succeeded, and the\npointer is dereferenced unconditionally.\n\nGuard the access to the allocated structure to\navoid a potential NULL pointer dereference if the\nallocation fails.",
"id": "GHSA-qq6x-p5c6-gqp6",
"modified": "2026-07-08T15:31:36Z",
"published": "2026-06-08T18:31:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46305"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0a5f411becfb7c57aa89827213d31ef23a03d75a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/bc851db06045a40c18233dd76ef0562d7f8bb6db"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QQ9J-C8R5-5XF6
Vulnerability from github – Published: 2025-05-01 15:31 – Updated: 2025-11-10 21:30In the Linux kernel, the following vulnerability has been resolved:
btrfs: zoned: clone zoned device info when cloning a device
When cloning a btrfs_device, we're not cloning the associated btrfs_zoned_device_info structure of the device in case of a zoned filesystem.
Later on this leads to a NULL pointer dereference when accessing the device's zone_info for instance when setting a zone as active.
This was uncovered by fstests' testcase btrfs/161.
{
"affected": [],
"aliases": [
"CVE-2022-49833"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-01T15:16:06Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: zoned: clone zoned device info when cloning a device\n\nWhen cloning a btrfs_device, we\u0027re not cloning the associated\nbtrfs_zoned_device_info structure of the device in case of a zoned\nfilesystem.\n\nLater on this leads to a NULL pointer dereference when accessing the\ndevice\u0027s zone_info for instance when setting a zone as active.\n\nThis was uncovered by fstests\u0027 testcase btrfs/161.",
"id": "GHSA-qq9j-c8r5-5xf6",
"modified": "2025-11-10T21:30:28Z",
"published": "2025-05-01T15:31:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49833"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/21e61ec6d0bb786818490e926aa9aeb4de95ad0d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ad88cabcec942c033f980cd1e28d56ecdaf5f3b8"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QQJJ-7XJV-R736
Vulnerability from github – Published: 2022-05-13 01:13 – Updated: 2022-05-13 01:13The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted ext4 image.
{
"affected": [],
"aliases": [
"CVE-2018-1094"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-04-02T03:29:00Z",
"severity": "HIGH"
},
"details": "The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted ext4 image.",
"id": "GHSA-qqjj-7xjv-r736",
"modified": "2022-05-13T01:13:44Z",
"published": "2022-05-13T01:13:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1094"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:3083"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:3096"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2018-1094"
},
{
"type": "WEB",
"url": "https://bugzilla.kernel.org/show_bug.cgi?id=199183"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560788"
},
{
"type": "WEB",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/?id=18db4b4e6fc31eda838dd1c1296d67dbcb3dc957"
},
{
"type": "WEB",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/?id=a45403b51582a87872927a3e0fc0a389c26867f1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3695-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3695-2"
},
{
"type": "WEB",
"url": "http://openwall.com/lists/oss-security/2018/03/29/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QQRF-32Q3-9249
Vulnerability from github – Published: 2024-11-08 06:30 – Updated: 2025-11-04 00:31In the Linux kernel, the following vulnerability has been resolved:
iio: light: veml6030: fix IIO device retrieval from embedded device
The dev pointer that is received as an argument in the in_illuminance_period_available_show function references the device embedded in the IIO device, not in the i2c client.
dev_to_iio_dev() must be used to accessthe right data. The current implementation leads to a segmentation fault on every attempt to read the attribute because indio_dev gets a NULL assignment.
This bug has been present since the first appearance of the driver, apparently since the last version (V6) before getting applied. A constant attribute was used until then, and the last modifications might have not been tested again.
{
"affected": [],
"aliases": [
"CVE-2024-50198"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-08T06:15:16Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: light: veml6030: fix IIO device retrieval from embedded device\n\nThe dev pointer that is received as an argument in the\nin_illuminance_period_available_show function references the device\nembedded in the IIO device, not in the i2c client.\n\ndev_to_iio_dev() must be used to accessthe right data. The current\nimplementation leads to a segmentation fault on every attempt to read\nthe attribute because indio_dev gets a NULL assignment.\n\nThis bug has been present since the first appearance of the driver,\napparently since the last version (V6) before getting applied. A\nconstant attribute was used until then, and the last modifications might\nhave not been tested again.",
"id": "GHSA-qqrf-32q3-9249",
"modified": "2025-11-04T00:31:57Z",
"published": "2024-11-08T06:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50198"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2cbb41abae65626736b8b52cf3b9339612c5a86a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/50039aec43a82ad2495f2d0fb0c289c8717b4bb2"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/905166531831beb067fffe2bdfc98031ffe89087"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/bcb90518ccd9e10bf6ab29e31994aab93e4a4361"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/bf3ab8e1c28f10df0823d4ff312f83c952b06a15"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c7c44e57750c31de43906d97813273fdffcf7d02"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-56
For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].
Mitigation
Select a programming language that is not susceptible to these issues.
Mitigation
Check the results of all functions that return a value and verify that the value is non-null before acting upon it.
Mitigation
Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Mitigation
Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.
No CAPEC attack patterns related to this CWE.