CWE-476
AllowedNULL Pointer Dereference
Abstraction: Base · Status: Stable
The product dereferences a pointer that it expects to be valid but is NULL.
6310 vulnerabilities reference this CWE, most recent first.
GHSA-RF9X-2W4M-RH77
Vulnerability from github – Published: 2022-05-13 01:24 – Updated: 2022-05-13 01:24The dccp_rcv_state_process function in net/dccp/input.c in the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel before 2.6.38 does not properly handle packets for a CLOSED endpoint, which allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending a DCCP-Close packet followed by a DCCP-Reset packet.
{
"affected": [],
"aliases": [
"CVE-2011-1093"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2011-07-18T22:55:00Z",
"severity": "HIGH"
},
"details": "The dccp_rcv_state_process function in net/dccp/input.c in the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel before 2.6.38 does not properly handle packets for a CLOSED endpoint, which allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending a DCCP-Close packet followed by a DCCP-Reset packet.",
"id": "GHSA-rf9x-2w4m-rh77",
"modified": "2022-05-13T01:24:46Z",
"published": "2022-05-13T01:24:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1093"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2011:0498"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2011:0500"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2011:0833"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2011-1093"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=682954"
},
{
"type": "WEB",
"url": "http://downloads.avaya.com/css/P8/documents/100145416"
},
{
"type": "WEB",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=720dc34bbbe9493c7bd48b2243058b4e447a929d"
},
{
"type": "WEB",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=720dc34bbbe9493c7bd48b2243058b4e447a929d"
},
{
"type": "WEB",
"url": "http://openwall.com/lists/oss-security/2011/03/08/19"
},
{
"type": "WEB",
"url": "http://openwall.com/lists/oss-security/2011/03/08/4"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2011-0833.html"
},
{
"type": "WEB",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/46793"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-RFC9-VXPM-6MM9
Vulnerability from github – Published: 2024-03-02 00:31 – Updated: 2024-12-09 21:31In the Linux kernel, the following vulnerability has been resolved:
platform/x86: ideapad-laptop: fix a NULL pointer dereference
The third parameter of dytc_cql_command should not be NULL since it will be dereferenced immediately.
{
"affected": [],
"aliases": [
"CVE-2021-47079"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-01T22:15:47Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: ideapad-laptop: fix a NULL pointer dereference\n\nThe third parameter of dytc_cql_command should not be NULL since it will\nbe dereferenced immediately.",
"id": "GHSA-rfc9-vxpm-6mm9",
"modified": "2024-12-09T21:31:00Z",
"published": "2024-03-02T00:31:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47079"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/beab753fe3b4e087411a850a64c6cd748544d8a1"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ff67dbd554b2aaa22be933eced32610ff90209dd"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RFJQ-RM7G-FV8J
Vulnerability from github – Published: 2024-05-01 15:30 – Updated: 2024-12-23 21:30In the Linux kernel, the following vulnerability has been resolved:
cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value
cpufreq_cpu_get may return NULL. To avoid NULL-dereference check it and return 0 in case of error.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
{
"affected": [],
"aliases": [
"CVE-2024-27051"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-01T13:15:50Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get\u0027s return value\n\ncpufreq_cpu_get may return NULL. To avoid NULL-dereference check it\nand return 0 in case of error.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"id": "GHSA-rfjq-rm7g-fv8j",
"modified": "2024-12-23T21:30:51Z",
"published": "2024-05-01T15:30:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27051"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/74b84d0d71180330efe67c82f973a87f828323e5"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9127599c075caff234359950117018a010dd01db"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b25b64a241d769e932a022e5c780cf135ef56035"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d951cf510fb0df91d3abac0121a59ebbc63c0567"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e6e3e51ffba0784782b1a076d7441605697ea3c6"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e72160cb6e23b78b41999d6885a34ce8db536095"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f661017e6d326ee187db24194cabb013d81bc2a6"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RFMM-M252-PWVM
Vulnerability from github – Published: 2026-03-23 18:30 – Updated: 2026-03-23 18:30A NULL pointer dereference in the daap_reply_playlists function (src/httpd_daap.c) of owntone-server commit 3d1652d allows attackers to cause a Denial of Service (DoS) via sending a crafted DAAP request to the server
{
"affected": [],
"aliases": [
"CVE-2026-26828"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-23T17:16:47Z",
"severity": "HIGH"
},
"details": "A NULL pointer dereference in the daap_reply_playlists function (src/httpd_daap.c) of owntone-server commit 3d1652d allows attackers to cause a Denial of Service (DoS) via sending a crafted DAAP request to the server",
"id": "GHSA-rfmm-m252-pwvm",
"modified": "2026-03-23T18:30:31Z",
"published": "2026-03-23T18:30:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26828"
},
{
"type": "WEB",
"url": "https://github.com/owntone/owntone-server/issues/1961"
},
{
"type": "WEB",
"url": "https://github.com/owntone/owntone-server/commit/9ac54f0b42491c4862791db4c5368ff80c4000d3"
},
{
"type": "WEB",
"url": "https://github.com/archersec/security-advisories/blob/master/owntone-server/owntone-server-advisory-2026.md"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RFPM-426W-RMHW
Vulnerability from github – Published: 2022-05-14 01:52 – Updated: 2022-05-14 01:52An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in Ethernet_sendPacket in ethernet_bsd.c.
{
"affected": [],
"aliases": [
"CVE-2018-19122"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-11-09T11:29:00Z",
"severity": "MODERATE"
},
"details": "An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in Ethernet_sendPacket in ethernet_bsd.c.",
"id": "GHSA-rfpm-426w-rmhw",
"modified": "2022-05-14T01:52:00Z",
"published": "2022-05-14T01:52:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19122"
},
{
"type": "WEB",
"url": "https://github.com/mz-automation/libiec61850/issues/86"
},
{
"type": "WEB",
"url": "https://github.com/fouzhe/security/tree/master/libiec61850#segv-in-function-ethernet_sendpacket"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-RFPV-Q7VR-V94R
Vulnerability from github – Published: 2024-03-25 12:30 – Updated: 2025-03-03 18:31In the Linux kernel, the following vulnerability has been resolved:
drm/meson: fix shutdown crash when component not probed
When main component is not probed, by example when the dw-hdmi module is not loaded yet or in probe defer, the following crash appears on shutdown:
Unable to handle kernel NULL pointer dereference at virtual address 0000000000000038 ... pc : meson_drv_shutdown+0x24/0x50 lr : platform_drv_shutdown+0x20/0x30 ... Call trace: meson_drv_shutdown+0x24/0x50 platform_drv_shutdown+0x20/0x30 device_shutdown+0x158/0x360 kernel_restart_prepare+0x38/0x48 kernel_restart+0x18/0x68 __do_sys_reboot+0x224/0x250 __arm64_sys_reboot+0x24/0x30 ...
Simply check if the priv struct has been allocated before using it.
{
"affected": [],
"aliases": [
"CVE-2021-47165"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-25T10:15:08Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/meson: fix shutdown crash when component not probed\n\nWhen main component is not probed, by example when the dw-hdmi module is\nnot loaded yet or in probe defer, the following crash appears on shutdown:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000038\n...\npc : meson_drv_shutdown+0x24/0x50\nlr : platform_drv_shutdown+0x20/0x30\n...\nCall trace:\nmeson_drv_shutdown+0x24/0x50\nplatform_drv_shutdown+0x20/0x30\ndevice_shutdown+0x158/0x360\nkernel_restart_prepare+0x38/0x48\nkernel_restart+0x18/0x68\n__do_sys_reboot+0x224/0x250\n__arm64_sys_reboot+0x24/0x30\n...\n\nSimply check if the priv struct has been allocated before using it.",
"id": "GHSA-rfpv-q7vr-v94r",
"modified": "2025-03-03T18:31:20Z",
"published": "2024-03-25T12:30:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47165"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4ce2bf20b4a6e307e114847d60b2bf40a6a1fac0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7cfc4ea78fc103ea51ecbacd9236abb5b1c490d2"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b4298d33c1fcce511ffe84d8d3de07e220300f9b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b4b91033a0b11fe9ade58156cd9168f89f4a8c1a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d66083c0d6f5125a4d982aa177dd71ab4cd3d212"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e256a0eb43e17209e347409a80805b1659398d68"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RFRR-3G6G-X7WW
Vulnerability from github – Published: 2023-01-26 21:30 – Updated: 2023-02-01 18:30In Softing uaToolkit Embedded before 1.40.1, a malformed PubSub discovery announcement message can cause a NULL pointer dereference or out-of-bounds memory access in the subscriber application.
{
"affected": [],
"aliases": [
"CVE-2022-44018"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-01-26T21:17:00Z",
"severity": "HIGH"
},
"details": "In Softing uaToolkit Embedded before 1.40.1, a malformed PubSub discovery announcement message can cause a NULL pointer dereference or out-of-bounds memory access in the subscriber application.",
"id": "GHSA-rfrr-3g6g-x7ww",
"modified": "2023-02-01T18:30:31Z",
"published": "2023-01-26T21:30:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-44018"
},
{
"type": "WEB",
"url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-10.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RFXP-R28M-8GJR
Vulnerability from github – Published: 2022-05-24 16:55 – Updated: 2024-03-21 03:33drivers/gpu/drm/radeon/radeon_display.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
{
"affected": [],
"aliases": [
"CVE-2019-16230"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-09-11T16:15:00Z",
"severity": "HIGH"
},
"details": "drivers/gpu/drm/radeon/radeon_display.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.",
"id": "GHSA-rfxp-r28m-8gjr",
"modified": "2024-03-21T03:33:41Z",
"published": "2022-05-24T16:55:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16230"
},
{
"type": "WEB",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1150468"
},
{
"type": "WEB",
"url": "https://lkml.org/lkml/2019/9/9/487"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20191004-0001"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RG45-HMXP-2HP7
Vulnerability from github – Published: 2024-06-27 21:32 – Updated: 2024-07-03 18:47A NULL Pointer Dereference discovered in DumpTS v0.1.0-nightly allows attackers to cause a denial of service via the function DumpOneStream() at /src/DumpStream.cpp.
{
"affected": [],
"aliases": [
"CVE-2024-39130"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-27T20:15:22Z",
"severity": "HIGH"
},
"details": "A NULL Pointer Dereference discovered in DumpTS v0.1.0-nightly allows attackers to cause a denial of service via the function DumpOneStream() at /src/DumpStream.cpp.",
"id": "GHSA-rg45-hmxp-2hp7",
"modified": "2024-07-03T18:47:10Z",
"published": "2024-06-27T21:32:08Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39130"
},
{
"type": "WEB",
"url": "https://github.com/wangf1978/DumpTS/issues/20"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RG77-9F4C-3658
Vulnerability from github – Published: 2022-05-24 17:44 – Updated: 2022-05-24 17:44FastStone Image Viewer <= 7.5 is affected by a user mode write access violation near NULL at 0x005bdfc9, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.
{
"affected": [],
"aliases": [
"CVE-2021-26235"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-03-18T14:15:00Z",
"severity": "HIGH"
},
"details": "FastStone Image Viewer \u003c= 7.5 is affected by a user mode write access violation near NULL at 0x005bdfc9, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.",
"id": "GHSA-rg77-9f4c-3658",
"modified": "2022-05-24T17:44:52Z",
"published": "2022-05-24T17:44:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26235"
},
{
"type": "WEB",
"url": "https://voidsec.com/advisories/cve-2021-26235-faststone-image-viewer-v-7-5-user-mode-write-access-violation"
}
],
"schema_version": "1.4.0",
"severity": []
}
Mitigation MIT-56
For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].
Mitigation
Select a programming language that is not susceptible to these issues.
Mitigation
Check the results of all functions that return a value and verify that the value is non-null before acting upon it.
Mitigation
Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Mitigation
Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.
No CAPEC attack patterns related to this CWE.