CWE-476
AllowedNULL Pointer Dereference
Abstraction: Base · Status: Stable
The product dereferences a pointer that it expects to be valid but is NULL.
6310 vulnerabilities reference this CWE, most recent first.
GHSA-V3PF-MJG9-6C2P
Vulnerability from github – Published: 2025-10-03 21:30 – Updated: 2025-10-08 21:30A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later
{
"affected": [],
"aliases": [
"CVE-2025-52854"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-03T19:15:47Z",
"severity": "MODERATE"
},
"details": "A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.6.3195 build 20250715 and later\nQuTS hero h5.2.6.3195 build 20250715 and later",
"id": "GHSA-v3pf-mjg9-6c2p",
"modified": "2025-10-08T21:30:24Z",
"published": "2025-10-03T21:30:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52854"
},
{
"type": "WEB",
"url": "https://www.qnap.com/en/security-advisory/qsa-25-36"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-V3Q7-V865-V6VX
Vulnerability from github – Published: 2022-05-14 03:06 – Updated: 2022-05-14 03:06In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.
{
"affected": [],
"aliases": [
"CVE-2018-12928"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-06-28T14:29:00Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.",
"id": "GHSA-v3q7-v865-v6vx",
"modified": "2022-05-14T03:06:10Z",
"published": "2022-05-14T03:06:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12928"
},
{
"type": "WEB",
"url": "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763384"
},
{
"type": "WEB",
"url": "https://marc.info/?l=linux-fsdevel\u0026m=152407263325766\u0026w=2"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/104593"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-V3QF-Q4VV-2Q93
Vulnerability from github – Published: 2022-05-13 01:28 – Updated: 2022-05-13 01:28An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadEnhMetaFile in coders/emf.c, which allows attackers to cause a denial of service via a crafted file.
{
"affected": [],
"aliases": [
"CVE-2017-18231"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-03-14T02:29:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadEnhMetaFile in coders/emf.c, which allows attackers to cause a denial of service via a crafted file.",
"id": "GHSA-v3qf-q4vv-2q93",
"modified": "2022-05-13T01:28:29Z",
"published": "2022-05-13T01:28:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18231"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00025.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
},
{
"type": "WEB",
"url": "https://sourceforge.net/p/graphicsmagick/bugs/475"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4266-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2018/dsa-4321"
},
{
"type": "WEB",
"url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/ea074081678b"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-V3QJ-Q3PX-PCXW
Vulnerability from github – Published: 2025-01-19 12:31 – Updated: 2025-11-03 21:32In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix a missing return value check bug
In the smb2_send_interim_resp(), if ksmbd_alloc_work_struct() fails to allocate a node, it returns a NULL pointer to the in_work pointer. This can lead to an illegal memory write of in_work->response_buf when allocate_interim_rsp_buf() attempts to perform a kzalloc() on it.
To address this issue, incorporating a check for the return value of ksmbd_alloc_work_struct() ensures that the function returns immediately upon allocation failure, thereby preventing the aforementioned illegal memory access.
{
"affected": [],
"aliases": [
"CVE-2024-57925"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-19T12:15:26Z",
"severity": "HIGH"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix a missing return value check bug\n\nIn the smb2_send_interim_resp(), if ksmbd_alloc_work_struct()\nfails to allocate a node, it returns a NULL pointer to the\nin_work pointer. This can lead to an illegal memory write of\nin_work-\u003eresponse_buf when allocate_interim_rsp_buf() attempts\nto perform a kzalloc() on it.\n\nTo address this issue, incorporating a check for the return\nvalue of ksmbd_alloc_work_struct() ensures that the function\nreturns immediately upon allocation failure, thereby preventing\nthe aforementioned illegal memory access.",
"id": "GHSA-v3qj-q3px-pcxw",
"modified": "2025-11-03T21:32:14Z",
"published": "2025-01-19T12:31:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57925"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/271ae0edbfc942795c162e6cf20d2bc02bd7fde4"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2976e91a3e569cf2c92c9f71512c0ab1312fe965"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4c16e1cadcbcaf3c82d5fc310fbd34d0f5d0db7c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/781c743e18bfd9b7dc0383f036ae952bd1486f21"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ee7e40f7fb17f08a8cbae50553e5c2e10ae32fce"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-V3VW-6693-Q8GX
Vulnerability from github – Published: 2025-07-08 21:30 – Updated: 2025-07-08 21:30Substance3D - Viewer versions 0.22 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption in service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
{
"affected": [],
"aliases": [
"CVE-2025-43583"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-08T21:15:25Z",
"severity": "MODERATE"
},
"details": "Substance3D - Viewer versions 0.22 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption in service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
"id": "GHSA-v3vw-6693-q8gx",
"modified": "2025-07-08T21:30:28Z",
"published": "2025-07-08T21:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43583"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/substance3d-viewer/apsb25-54.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-V47W-H9MW-WJ4F
Vulnerability from github – Published: 2024-06-20 12:31 – Updated: 2024-08-19 18:32In the Linux kernel, the following vulnerability has been resolved:
ovl: fix NULL pointer dereference in copy up warning
This patch is fixing a NULL pointer dereference to get a recently introduced warning message working.
{
"affected": [],
"aliases": [
"CVE-2022-48741"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-20T12:15:12Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: fix NULL pointer dereference in copy up warning\n\nThis patch is fixing a NULL pointer dereference to get a recently\nintroduced warning message working.",
"id": "GHSA-v47w-h9mw-wj4f",
"modified": "2024-08-19T18:32:03Z",
"published": "2024-06-20T12:31:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48741"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4ee7e4a6c9b298da44029ed9ec8ed23ae49cc209"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9c7f8a35c5a83740c0e3ea540b6ad145c50d79aa"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e6b678c1a3673de6a5d2f4e22bb725a086a0701a"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-V489-2RF4-QQ7M
Vulnerability from github – Published: 2025-08-22 18:31 – Updated: 2026-01-07 18:30In the Linux kernel, the following vulnerability has been resolved:
power: supply: cpcap-charger: Fix null check for power_supply_get_by_name
In the cpcap_usb_detect() function, the power_supply_get_by_name()
function may return NULL instead of an error pointer.
To prevent potential null pointer dereferences, Added a null check.
{
"affected": [],
"aliases": [
"CVE-2025-38634"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-22T16:15:37Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\npower: supply: cpcap-charger: Fix null check for power_supply_get_by_name\n\nIn the cpcap_usb_detect() function, the power_supply_get_by_name()\nfunction may return `NULL` instead of an error pointer.\nTo prevent potential null pointer dereferences, Added a null check.",
"id": "GHSA-v489-2rf4-qq7m",
"modified": "2026-01-07T18:30:20Z",
"published": "2025-08-22T18:31:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38634"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/27001e4f146624c4b3389b029bdc0f8049819560"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4ebbb9106aaa2fd58e0359bc3a2490953db2ef0c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8e9bdb563916287ba1b4258812434e0585ac6d00"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9784d832d7c103539cd9afb376534eaa35815d3d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a2436263144980cc99a9860c7b43335847afbe53"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d9fa3aae08f99493e67fb79413c0e95d30fca5e9"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f642500aa7ed93d2606e4f929244cce9c7467b3a"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-V4C2-2GFG-QH3V
Vulnerability from github – Published: 2024-10-11 18:32 – Updated: 2024-10-11 18:32A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a local, low-privileged attacker to cause a Denial-of-Service (DoS).
When a specific command is executed, the pfe crashes. This will cause traffic forwarding to be interrupted until the system self-recovers. Repeated execution will create a sustained DoS condition.
This issue only affects MX Series devices with Line cards MPC1-MPC9. This issue affects: Junos OS on MX Series:
- All versions before 21.4R3-S9,
- from 22.2 before 22.2R3-S5,
- from 22.3 before 22.3R3-S4,
- from 22.4 before 22.4R3-S2,
- from 23.2 before 23.2R2-S1,
- from 23.4 before 23.4R2.
{
"affected": [],
"aliases": [
"CVE-2024-47496"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-11T16:15:10Z",
"severity": "MODERATE"
},
"details": "A\u00a0NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a local, low-privileged attacker to cause a Denial-of-Service (DoS).\n\nWhen a specific command is executed, the pfe crashes.\u00a0This will cause traffic forwarding to be interrupted until the system self-recovers. Repeated execution will create a sustained DoS condition.\n\n This issue only affects MX Series devices with Line cards MPC1-MPC9.\nThis issue affects:\nJunos OS on MX Series: \n\n\n * All versions before 21.4R3-S9, \n * from 22.2 before 22.2R3-S5,\u00a0\n * from 22.3 before 22.3R3-S4, \n * from 22.4 before 22.4R3-S2, \n * from 23.2 before 23.2R2-S1, \n * from 23.4 before 23.4R2.",
"id": "GHSA-v4c2-2gfg-qh3v",
"modified": "2024-10-11T18:32:49Z",
"published": "2024-10-11T18:32:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47496"
},
{
"type": "WEB",
"url": "https://supportportal.juniper.net"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:A/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-V4GM-XX5V-3J7M
Vulnerability from github – Published: 2024-06-19 15:30 – Updated: 2024-08-27 21:31In the Linux kernel, the following vulnerability has been resolved:
ASoC: mediatek: Assign dummy when codec not specified for a DAI link
MediaTek sound card drivers are checking whether a DAI link is present and used on a board to assign the correct parameters and this is done by checking the codec DAI names at probe time.
If no real codec is present, assign the dummy codec to the DAI link to avoid NULL pointer during string comparison.
{
"affected": [],
"aliases": [
"CVE-2024-38551"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-19T14:15:15Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: mediatek: Assign dummy when codec not specified for a DAI link\n\nMediaTek sound card drivers are checking whether a DAI link is present\nand used on a board to assign the correct parameters and this is done\nby checking the codec DAI names at probe time.\n\nIf no real codec is present, assign the dummy codec to the DAI link\nto avoid NULL pointer during string comparison.",
"id": "GHSA-v4gm-xx5v-3j7m",
"modified": "2024-08-27T21:31:12Z",
"published": "2024-06-19T15:30:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38551"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0c052b1c11d8119f3048b1f7b3c39a90500cacf9"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5f39231888c63f0a7708abc86b51b847476379d8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/87b8dca6e06f9b1681bc52bf7bfa85c663a11158"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cbbcabc7f0979f6542372cf88d7a9da7143a4226"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-V4GX-744X-JR2M
Vulnerability from github – Published: 2026-06-24 09:30 – Updated: 2026-07-08 21:30In the Linux kernel, the following vulnerability has been resolved:
net/rds: fix NULL deref in rds_ib_send_cqe_handler() on masked atomic completion
rds_ib_xmit_atomic() always programs a masked atomic opcode (IB_WR_MASKED_ATOMIC_CMP_AND_SWP or IB_WR_MASKED_ATOMIC_FETCH_AND_ADD) for every RDS atomic cmsg. But the completion-side switch in rds_ib_send_unmap_op() only handles the non-masked opcodes, so a masked atomic completion falls through to default and returns rm == NULL while send->s_op is left set. rds_ib_send_cqe_handler() then dereferences the NULL rm via rm->m_final_op, oopsing in softirq context. An unprivileged AF_RDS sendmsg() of an atomic cmsg over an active RDS/IB connection triggers it; on hardware that natively accepts masked atomics (mlx4, mlx5) no extra setup is needed.
RDS/IB: rds_ib_send_unmap_op: unexpected opcode 0xd in WR! Oops: general protection fault [#1] SMP KASAN KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197] RIP: rds_ib_send_cqe_handler+0x25c/0xb10 (net/rds/ib_send.c:282) Call Trace: rds_ib_send_cqe_handler (net/rds/ib_send.c:282) poll_scq (net/rds/ib_cm.c:274) rds_ib_tasklet_fn_send (net/rds/ib_cm.c:294) tasklet_action_common (kernel/softirq.c:943) handle_softirqs (kernel/softirq.c:573) run_ksoftirqd (kernel/softirq.c:479) Kernel panic - not syncing: Fatal exception in interrupt
Handle the masked atomic opcodes in the same case as the non-masked ones: they map to the same struct rds_message.atomic union member, so the existing container_of()/rds_ib_send_unmap_atomic() body is correct for them.
{
"affected": [],
"aliases": [
"CVE-2026-52939"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-24T08:16:24Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/rds: fix NULL deref in rds_ib_send_cqe_handler() on masked atomic completion\n\nrds_ib_xmit_atomic() always programs a masked atomic opcode\n(IB_WR_MASKED_ATOMIC_CMP_AND_SWP or IB_WR_MASKED_ATOMIC_FETCH_AND_ADD)\nfor every RDS atomic cmsg. But the completion-side switch in\nrds_ib_send_unmap_op() only handles the non-masked opcodes, so a masked\natomic completion falls through to default and returns rm == NULL while\nsend-\u003es_op is left set. rds_ib_send_cqe_handler() then dereferences the\nNULL rm via rm-\u003em_final_op, oopsing in softirq context. An unprivileged\nAF_RDS sendmsg() of an atomic cmsg over an active RDS/IB connection\ntriggers it; on hardware that natively accepts masked atomics (mlx4,\nmlx5) no extra setup is needed.\n\n RDS/IB: rds_ib_send_unmap_op: unexpected opcode 0xd in WR!\n Oops: general protection fault [#1] SMP KASAN\n KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]\n RIP: rds_ib_send_cqe_handler+0x25c/0xb10 (net/rds/ib_send.c:282)\n Call Trace:\n \u003cIRQ\u003e\n rds_ib_send_cqe_handler (net/rds/ib_send.c:282)\n poll_scq (net/rds/ib_cm.c:274)\n rds_ib_tasklet_fn_send (net/rds/ib_cm.c:294)\n tasklet_action_common (kernel/softirq.c:943)\n handle_softirqs (kernel/softirq.c:573)\n run_ksoftirqd (kernel/softirq.c:479)\n \u003c/IRQ\u003e\n Kernel panic - not syncing: Fatal exception in interrupt\n\nHandle the masked atomic opcodes in the same case as the non-masked\nones: they map to the same struct rds_message.atomic union member, so\nthe existing container_of()/rds_ib_send_unmap_atomic() body is correct\nfor them.",
"id": "GHSA-v4gx-744x-jr2m",
"modified": "2026-07-08T21:30:22Z",
"published": "2026-06-24T09:30:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-52939"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0f22412a2f4fbbe0251c132abee045d15a90e5b6"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0f7baa82a24813cdad0b06a6f8f07e4824af5ed5"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/34080db3e70ddf94c38512ad2331e3c3afca6cc1"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4dd262f875e87653df50b138de1390ab0628e6b7"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4fd34669558085bcb589aa2078a13b0ca79e360d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6e4615164d185a26badb2f376a2449f4d174a5f0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a0148342badd8c9b2e46551766a27cb76c82e715"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/dcf458120add64c96a6ef5cf719340453f6e6abf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-56
For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].
Mitigation
Select a programming language that is not susceptible to these issues.
Mitigation
Check the results of all functions that return a value and verify that the value is non-null before acting upon it.
Mitigation
Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Mitigation
Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.
No CAPEC attack patterns related to this CWE.