Common Weakness Enumeration

CWE-476

Allowed

NULL Pointer Dereference

Abstraction: Base · Status: Stable

The product dereferences a pointer that it expects to be valid but is NULL.

6310 vulnerabilities reference this CWE, most recent first.

GHSA-RF9X-2W4M-RH77

Vulnerability from github – Published: 2022-05-13 01:24 – Updated: 2022-05-13 01:24
VLAI
Details

The dccp_rcv_state_process function in net/dccp/input.c in the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel before 2.6.38 does not properly handle packets for a CLOSED endpoint, which allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending a DCCP-Close packet followed by a DCCP-Reset packet.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2011-1093"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-07-18T22:55:00Z",
    "severity": "HIGH"
  },
  "details": "The dccp_rcv_state_process function in net/dccp/input.c in the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel before 2.6.38 does not properly handle packets for a CLOSED endpoint, which allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending a DCCP-Close packet followed by a DCCP-Reset packet.",
  "id": "GHSA-rf9x-2w4m-rh77",
  "modified": "2022-05-13T01:24:46Z",
  "published": "2022-05-13T01:24:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1093"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2011:0498"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2011:0500"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2011:0833"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2011-1093"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=682954"
    },
    {
      "type": "WEB",
      "url": "http://downloads.avaya.com/css/P8/documents/100145416"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=720dc34bbbe9493c7bd48b2243058b4e447a929d"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=720dc34bbbe9493c7bd48b2243058b4e447a929d"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2011/03/08/19"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2011/03/08/4"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2011-0833.html"
    },
    {
      "type": "WEB",
      "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/46793"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-RFC9-VXPM-6MM9

Vulnerability from github – Published: 2024-03-02 00:31 – Updated: 2024-12-09 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

platform/x86: ideapad-laptop: fix a NULL pointer dereference

The third parameter of dytc_cql_command should not be NULL since it will be dereferenced immediately.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-47079"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-01T22:15:47Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: ideapad-laptop: fix a NULL pointer dereference\n\nThe third parameter of dytc_cql_command should not be NULL since it will\nbe dereferenced immediately.",
  "id": "GHSA-rfc9-vxpm-6mm9",
  "modified": "2024-12-09T21:31:00Z",
  "published": "2024-03-02T00:31:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47079"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/beab753fe3b4e087411a850a64c6cd748544d8a1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ff67dbd554b2aaa22be933eced32610ff90209dd"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RFJQ-RM7G-FV8J

Vulnerability from github – Published: 2024-05-01 15:30 – Updated: 2024-12-23 21:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value

cpufreq_cpu_get may return NULL. To avoid NULL-dereference check it and return 0 in case of error.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-27051"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-01T13:15:50Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get\u0027s return value\n\ncpufreq_cpu_get may return NULL. To avoid NULL-dereference check it\nand return 0 in case of error.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
  "id": "GHSA-rfjq-rm7g-fv8j",
  "modified": "2024-12-23T21:30:51Z",
  "published": "2024-05-01T15:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27051"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/74b84d0d71180330efe67c82f973a87f828323e5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9127599c075caff234359950117018a010dd01db"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b25b64a241d769e932a022e5c780cf135ef56035"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d951cf510fb0df91d3abac0121a59ebbc63c0567"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e6e3e51ffba0784782b1a076d7441605697ea3c6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e72160cb6e23b78b41999d6885a34ce8db536095"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f661017e6d326ee187db24194cabb013d81bc2a6"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RFMM-M252-PWVM

Vulnerability from github – Published: 2026-03-23 18:30 – Updated: 2026-03-23 18:30
VLAI
Details

A NULL pointer dereference in the daap_reply_playlists function (src/httpd_daap.c) of owntone-server commit 3d1652d allows attackers to cause a Denial of Service (DoS) via sending a crafted DAAP request to the server

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-26828"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-23T17:16:47Z",
    "severity": "HIGH"
  },
  "details": "A NULL pointer dereference in the daap_reply_playlists function (src/httpd_daap.c) of owntone-server commit 3d1652d allows attackers to cause a Denial of Service (DoS) via sending a crafted DAAP request to the server",
  "id": "GHSA-rfmm-m252-pwvm",
  "modified": "2026-03-23T18:30:31Z",
  "published": "2026-03-23T18:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26828"
    },
    {
      "type": "WEB",
      "url": "https://github.com/owntone/owntone-server/issues/1961"
    },
    {
      "type": "WEB",
      "url": "https://github.com/owntone/owntone-server/commit/9ac54f0b42491c4862791db4c5368ff80c4000d3"
    },
    {
      "type": "WEB",
      "url": "https://github.com/archersec/security-advisories/blob/master/owntone-server/owntone-server-advisory-2026.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RFPM-426W-RMHW

Vulnerability from github – Published: 2022-05-14 01:52 – Updated: 2022-05-14 01:52
VLAI
Details

An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in Ethernet_sendPacket in ethernet_bsd.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-19122"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-11-09T11:29:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in Ethernet_sendPacket in ethernet_bsd.c.",
  "id": "GHSA-rfpm-426w-rmhw",
  "modified": "2022-05-14T01:52:00Z",
  "published": "2022-05-14T01:52:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19122"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mz-automation/libiec61850/issues/86"
    },
    {
      "type": "WEB",
      "url": "https://github.com/fouzhe/security/tree/master/libiec61850#segv-in-function-ethernet_sendpacket"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RFPV-Q7VR-V94R

Vulnerability from github – Published: 2024-03-25 12:30 – Updated: 2025-03-03 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/meson: fix shutdown crash when component not probed

When main component is not probed, by example when the dw-hdmi module is not loaded yet or in probe defer, the following crash appears on shutdown:

Unable to handle kernel NULL pointer dereference at virtual address 0000000000000038 ... pc : meson_drv_shutdown+0x24/0x50 lr : platform_drv_shutdown+0x20/0x30 ... Call trace: meson_drv_shutdown+0x24/0x50 platform_drv_shutdown+0x20/0x30 device_shutdown+0x158/0x360 kernel_restart_prepare+0x38/0x48 kernel_restart+0x18/0x68 __do_sys_reboot+0x224/0x250 __arm64_sys_reboot+0x24/0x30 ...

Simply check if the priv struct has been allocated before using it.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-47165"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-25T10:15:08Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/meson: fix shutdown crash when component not probed\n\nWhen main component is not probed, by example when the dw-hdmi module is\nnot loaded yet or in probe defer, the following crash appears on shutdown:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000038\n...\npc : meson_drv_shutdown+0x24/0x50\nlr : platform_drv_shutdown+0x20/0x30\n...\nCall trace:\nmeson_drv_shutdown+0x24/0x50\nplatform_drv_shutdown+0x20/0x30\ndevice_shutdown+0x158/0x360\nkernel_restart_prepare+0x38/0x48\nkernel_restart+0x18/0x68\n__do_sys_reboot+0x224/0x250\n__arm64_sys_reboot+0x24/0x30\n...\n\nSimply check if the priv struct has been allocated before using it.",
  "id": "GHSA-rfpv-q7vr-v94r",
  "modified": "2025-03-03T18:31:20Z",
  "published": "2024-03-25T12:30:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47165"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4ce2bf20b4a6e307e114847d60b2bf40a6a1fac0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7cfc4ea78fc103ea51ecbacd9236abb5b1c490d2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b4298d33c1fcce511ffe84d8d3de07e220300f9b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b4b91033a0b11fe9ade58156cd9168f89f4a8c1a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d66083c0d6f5125a4d982aa177dd71ab4cd3d212"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e256a0eb43e17209e347409a80805b1659398d68"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RFRR-3G6G-X7WW

Vulnerability from github – Published: 2023-01-26 21:30 – Updated: 2023-02-01 18:30
VLAI
Details

In Softing uaToolkit Embedded before 1.40.1, a malformed PubSub discovery announcement message can cause a NULL pointer dereference or out-of-bounds memory access in the subscriber application.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-44018"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-01-26T21:17:00Z",
    "severity": "HIGH"
  },
  "details": "In Softing uaToolkit Embedded before 1.40.1, a malformed PubSub discovery announcement message can cause a NULL pointer dereference or out-of-bounds memory access in the subscriber application.",
  "id": "GHSA-rfrr-3g6g-x7ww",
  "modified": "2023-02-01T18:30:31Z",
  "published": "2023-01-26T21:30:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-44018"
    },
    {
      "type": "WEB",
      "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-10.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RFXP-R28M-8GJR

Vulnerability from github – Published: 2022-05-24 16:55 – Updated: 2024-03-21 03:33
VLAI
Details

drivers/gpu/drm/radeon/radeon_display.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-16230"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-09-11T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "drivers/gpu/drm/radeon/radeon_display.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.",
  "id": "GHSA-rfxp-r28m-8gjr",
  "modified": "2024-03-21T03:33:41Z",
  "published": "2022-05-24T16:55:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16230"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1150468"
    },
    {
      "type": "WEB",
      "url": "https://lkml.org/lkml/2019/9/9/487"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20191004-0001"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RG45-HMXP-2HP7

Vulnerability from github – Published: 2024-06-27 21:32 – Updated: 2024-07-03 18:47
VLAI
Details

A NULL Pointer Dereference discovered in DumpTS v0.1.0-nightly allows attackers to cause a denial of service via the function DumpOneStream() at /src/DumpStream.cpp.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-39130"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-27T20:15:22Z",
    "severity": "HIGH"
  },
  "details": "A NULL Pointer Dereference discovered in DumpTS v0.1.0-nightly allows attackers to cause a denial of service via the function DumpOneStream() at /src/DumpStream.cpp.",
  "id": "GHSA-rg45-hmxp-2hp7",
  "modified": "2024-07-03T18:47:10Z",
  "published": "2024-06-27T21:32:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39130"
    },
    {
      "type": "WEB",
      "url": "https://github.com/wangf1978/DumpTS/issues/20"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RG77-9F4C-3658

Vulnerability from github – Published: 2022-05-24 17:44 – Updated: 2022-05-24 17:44
VLAI
Details

FastStone Image Viewer <= 7.5 is affected by a user mode write access violation near NULL at 0x005bdfc9, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-26235"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-03-18T14:15:00Z",
    "severity": "HIGH"
  },
  "details": "FastStone Image Viewer \u003c= 7.5 is affected by a user mode write access violation near NULL at 0x005bdfc9, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.",
  "id": "GHSA-rg77-9f4c-3658",
  "modified": "2022-05-24T17:44:52Z",
  "published": "2022-05-24T17:44:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26235"
    },
    {
      "type": "WEB",
      "url": "https://voidsec.com/advisories/cve-2021-26235-faststone-image-viewer-v-7-5-user-mode-write-access-violation"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Mitigation MIT-56
Implementation

For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].

Mitigation
Requirements

Select a programming language that is not susceptible to these issues.

Mitigation
Implementation

Check the results of all functions that return a value and verify that the value is non-null before acting upon it.

Mitigation
Architecture and Design

Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.

Mitigation
Implementation

Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.

No CAPEC attack patterns related to this CWE.