Common Weakness Enumeration

CWE-476

Allowed

NULL Pointer Dereference

Abstraction: Base · Status: Stable

The product dereferences a pointer that it expects to be valid but is NULL.

6310 vulnerabilities reference this CWE, most recent first.

GHSA-V85J-V436-GX72

Vulnerability from github – Published: 2022-03-17 00:00 – Updated: 2022-03-17 00:00
VLAI
Details

Adobe Premiere Pro 15.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-42263"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-03-16T15:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Adobe Premiere Pro 15.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
  "id": "GHSA-v85j-v436-gx72",
  "modified": "2022-03-17T00:00:28Z",
  "published": "2022-03-17T00:00:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42263"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/premiere_pro/apsb21-100.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V86R-5X9G-5Q8J

Vulnerability from github – Published: 2024-05-19 12:30 – Updated: 2026-05-12 12:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

pstore/zone: Add a null pointer check to the psz_kmsg_read

kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the pointer validity.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-35940"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-19T11:15:49Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\npstore/zone: Add a null pointer check to the psz_kmsg_read\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure. Ensure the allocation was successful\nby checking the pointer validity.",
  "id": "GHSA-v86r-5x9g-5q8j",
  "modified": "2026-05-12T12:31:50Z",
  "published": "2024-05-19T12:30:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35940"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0ff96ec22a84d80a18d7ae8ca7eb111c34ee33bb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/635594cca59f9d7a8e96187600c34facb8bc0682"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6f9f2e498eae7897ba5d3e33908917f68ff4abcc"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/98bc7e26e14fbb26a6abf97603d59532475e97f8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/98e2b97acb875d65bdfc75fc408e67975cef3041"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ec7256887d072f98c42cdbef4dcc80ddf84c7a70"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V872-3CHQ-4HC9

Vulnerability from github – Published: 2022-05-24 19:11 – Updated: 2022-07-11 00:00
VLAI
Details

A segmentation violation in the Iec104_Deal_FirmUpdate function of IEC104 v1.0 allows attackers to cause a denial of service (DOS).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-18731"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-23T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "A segmentation violation in the Iec104_Deal_FirmUpdate function of IEC104 v1.0 allows attackers to cause a denial of service (DOS).",
  "id": "GHSA-v872-3chq-4hc9",
  "modified": "2022-07-11T00:00:23Z",
  "published": "2022-05-24T19:11:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-18731"
    },
    {
      "type": "WEB",
      "url": "https://github.com/airpig2011/IEC104/issues/5"
    },
    {
      "type": "WEB",
      "url": "https://cwe.mitre.org/data/definitions/476.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V8H3-C8G3-CJH3

Vulnerability from github – Published: 2022-05-24 19:15 – Updated: 2022-05-24 19:15
VLAI
Details

Other An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function updateusage() located in swftext.c. It allows an attacker to cause Denial of Service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-39594"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-09-20T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Other An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function updateusage() located in swftext.c. It allows an attacker to cause Denial of Service.",
  "id": "GHSA-v8h3-c8g3-cjh3",
  "modified": "2022-05-24T19:15:04Z",
  "published": "2022-05-24T19:15:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39594"
    },
    {
      "type": "WEB",
      "url": "https://github.com/matthiaskramm/swftools/issues/142"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-V8H5-CGHP-Q3C4

Vulnerability from github – Published: 2024-10-21 21:30 – Updated: 2026-05-12 15:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

serial: protect uart_port_dtr_rts() in uart_shutdown() too

Commit af224ca2df29 (serial: core: Prevent unsafe uart port access, part 3) added few uport == NULL checks. It added one to uart_shutdown(), so the commit assumes, uport can be NULL in there. But right after that protection, there is an unprotected "uart_port_dtr_rts(uport, false);" call. That is invoked only if HUPCL is set, so I assume that is the reason why we do not see lots of these reports.

Or it cannot be NULL at this point at all for some reason :P.

Until the above is investigated, stay on the safe side and move this dereference to the if too.

I got this inconsistency from Coverity under CID 1585130. Thanks.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-50058"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-21T20:15:17Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: protect uart_port_dtr_rts() in uart_shutdown() too\n\nCommit af224ca2df29 (serial: core: Prevent unsafe uart port access, part\n3) added few uport == NULL checks. It added one to uart_shutdown(), so\nthe commit assumes, uport can be NULL in there. But right after that\nprotection, there is an unprotected \"uart_port_dtr_rts(uport, false);\"\ncall. That is invoked only if HUPCL is set, so I assume that is the\nreason why we do not see lots of these reports.\n\nOr it cannot be NULL at this point at all for some reason :P.\n\nUntil the above is investigated, stay on the safe side and move this\ndereference to the if too.\n\nI got this inconsistency from Coverity under CID 1585130. Thanks.",
  "id": "GHSA-v8h5-cghp-q3c4",
  "modified": "2026-05-12T15:30:39Z",
  "published": "2024-10-21T21:30:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50058"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2fe399bb8efd0d325ab1138cf8e3ecf23a39e96d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/399927f0f875b93f3d5a0336d382ba48b8671eb2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/602babaa84d627923713acaf5f7e9a4369e77473"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/76ed24a34223bb2c6b6162e1d8389ec4e602a290"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d7b5876a6e74cdf8468a478be6b23f2f5464ac7a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e418d91195d29d5f9c9685ff309b92b04b41dc40"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V8JH-86H6-PV7W

Vulnerability from github – Published: 2025-07-08 18:31 – Updated: 2025-07-08 18:31
VLAI
Details

Null pointer dereference in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-49686"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-08T17:15:54Z",
    "severity": "HIGH"
  },
  "details": "Null pointer dereference in Windows TCP/IP allows an authorized attacker to elevate privileges locally.",
  "id": "GHSA-v8jh-86h6-pv7w",
  "modified": "2025-07-08T18:31:47Z",
  "published": "2025-07-08T18:31:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49686"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49686"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V8JX-RCVC-5428

Vulnerability from github – Published: 2022-05-17 00:14 – Updated: 2022-05-17 00:14
VLAI
Details

The ff_vc1_mc_4mv_chroma4 function in libavcodec/vc1_mc.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact via a crafted file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-17129"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-12-04T08:29:00Z",
    "severity": "HIGH"
  },
  "details": "The ff_vc1_mc_4mv_chroma4 function in libavcodec/vc1_mc.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact via a crafted file.",
  "id": "GHSA-v8jx-rcvc-5428",
  "modified": "2022-05-17T00:14:40Z",
  "published": "2022-05-17T00:14:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17129"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.libav.org/show_bug.cgi?id=1101"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V8M2-RXQ9-9X2J

Vulnerability from github – Published: 2025-10-27 21:30 – Updated: 2025-10-28 18:30
VLAI
Details

FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the ospf_opaque_lsa_dump function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) under specific malformed LSA conditions.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-61100"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-27T19:16:05Z",
    "severity": "HIGH"
  },
  "details": "FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the ospf_opaque_lsa_dump function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) under specific malformed LSA conditions.",
  "id": "GHSA-v8m2-rxq9-9x2j",
  "modified": "2025-10-28T18:30:28Z",
  "published": "2025-10-27T21:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61100"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FRRouting/frr/issues/19471"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FRRouting/frr/pull/19480"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FRRouting/frr/pull/19480/commits/cda5ddac0940562d1dca7cbef34d0ce5b00f160b"
    },
    {
      "type": "WEB",
      "url": "https://github.com/s1awwhy/BugList/blob/main/CVE-2025-61100.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V8MR-FRX6-J364

Vulnerability from github – Published: 2025-05-20 18:30 – Updated: 2025-12-17 21:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

xenbus: Use kref to track req lifetime

Marek reported seeing a NULL pointer fault in the xenbus_thread callstack: BUG: kernel NULL pointer dereference, address: 0000000000000000 RIP: e030:__wake_up_common+0x4c/0x180 Call Trace: __wake_up_common_lock+0x82/0xd0 process_msg+0x18e/0x2f0 xenbus_thread+0x165/0x1c0

process_msg+0x18e is req->cb(req). req->cb is set to xs_wake_up(), a thin wrapper around wake_up(), or xenbus_dev_queue_reply(). It seems like it was xs_wake_up() in this case.

It seems like req may have woken up the xs_wait_for_reply(), which kfree()ed the req. When xenbus_thread resumes, it faults on the zero-ed data.

Linux Device Drivers 2nd edition states: "Normally, a wake_up call can cause an immediate reschedule to happen, meaning that other processes might run before wake_up returns." ... which would match the behaviour observed.

Change to keeping two krefs on each request. One for the caller, and one for xenbus_thread. Each will kref_put() when finished, and the last will free it.

This use of kref matches the description in Documentation/core-api/kref.rst

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-37949"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-20T16:15:32Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nxenbus: Use kref to track req lifetime\n\nMarek reported seeing a NULL pointer fault in the xenbus_thread\ncallstack:\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nRIP: e030:__wake_up_common+0x4c/0x180\nCall Trace:\n \u003cTASK\u003e\n __wake_up_common_lock+0x82/0xd0\n process_msg+0x18e/0x2f0\n xenbus_thread+0x165/0x1c0\n\nprocess_msg+0x18e is req-\u003ecb(req).  req-\u003ecb is set to xs_wake_up(), a\nthin wrapper around wake_up(), or xenbus_dev_queue_reply().  It seems\nlike it was xs_wake_up() in this case.\n\nIt seems like req may have woken up the xs_wait_for_reply(), which\nkfree()ed the req.  When xenbus_thread resumes, it faults on the zero-ed\ndata.\n\nLinux Device Drivers 2nd edition states:\n\"Normally, a wake_up call can cause an immediate reschedule to happen,\nmeaning that other processes might run before wake_up returns.\"\n... which would match the behaviour observed.\n\nChange to keeping two krefs on each request.  One for the caller, and\none for xenbus_thread.  Each will kref_put() when finished, and the last\nwill free it.\n\nThis use of kref matches the description in\nDocumentation/core-api/kref.rst",
  "id": "GHSA-v8mr-frx6-j364",
  "modified": "2025-12-17T21:30:29Z",
  "published": "2025-05-20T18:30:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37949"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0e94a246bb6d9538010b6c02d2b1d4717a97b2e5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1f0304dfd9d217c2f8b04a9ef4b3258a66eedd27"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2466b0f66795c3c426cacc8998499f38031dbb59"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4d260a5558df4650eb87bc41b2c9ac2d6b2ba447"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8b02f85e84dc6f7c150cef40ddb69af5a25659e5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8e9c8a0393b5f85f1820c565ab8105660f4e8f92"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cbfaf46b88a4c01b64c4186cdccd766c19ae644c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f1bcac367bc95631afbb918348f30dec887d0e1b"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V8P3-MFRC-9V8J

Vulnerability from github – Published: 2024-05-21 15:31 – Updated: 2024-12-24 18:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb

We should always check if skb_header_pointer's return is NULL before using it, otherwise it may cause null-ptr-deref, as syzbot reported:

KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] RIP: 0010:sctp_rcv_ootb net/sctp/input.c:705 [inline] RIP: 0010:sctp_rcv+0x1d84/0x3220 net/sctp/input.c:196 Call Trace: sctp6_rcv+0x38/0x60 net/sctp/ipv6.c:1109 ip6_protocol_deliver_rcu+0x2e9/0x1ca0 net/ipv6/ip6_input.c:422 ip6_input_finish+0x62/0x170 net/ipv6/ip6_input.c:463 NF_HOOK include/linux/netfilter.h:307 [inline] NF_HOOK include/linux/netfilter.h:301 [inline] ip6_input+0x9c/0xd0 net/ipv6/ip6_input.c:472 dst_input include/net/dst.h:460 [inline] ip6_rcv_finish net/ipv6/ip6_input.c:76 [inline] NF_HOOK include/linux/netfilter.h:307 [inline] NF_HOOK include/linux/netfilter.h:301 [inline] ipv6_rcv+0x28c/0x3c0 net/ipv6/ip6_input.c:297

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-47397"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-21T15:15:25Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb\n\nWe should always check if skb_header_pointer\u0027s return is NULL before\nusing it, otherwise it may cause null-ptr-deref, as syzbot reported:\n\n  KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n  RIP: 0010:sctp_rcv_ootb net/sctp/input.c:705 [inline]\n  RIP: 0010:sctp_rcv+0x1d84/0x3220 net/sctp/input.c:196\n  Call Trace:\n  \u003cIRQ\u003e\n   sctp6_rcv+0x38/0x60 net/sctp/ipv6.c:1109\n   ip6_protocol_deliver_rcu+0x2e9/0x1ca0 net/ipv6/ip6_input.c:422\n   ip6_input_finish+0x62/0x170 net/ipv6/ip6_input.c:463\n   NF_HOOK include/linux/netfilter.h:307 [inline]\n   NF_HOOK include/linux/netfilter.h:301 [inline]\n   ip6_input+0x9c/0xd0 net/ipv6/ip6_input.c:472\n   dst_input include/net/dst.h:460 [inline]\n   ip6_rcv_finish net/ipv6/ip6_input.c:76 [inline]\n   NF_HOOK include/linux/netfilter.h:307 [inline]\n   NF_HOOK include/linux/netfilter.h:301 [inline]\n   ipv6_rcv+0x28c/0x3c0 net/ipv6/ip6_input.c:297",
  "id": "GHSA-v8p3-mfrc-9v8j",
  "modified": "2024-12-24T18:30:48Z",
  "published": "2024-05-21T15:31:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47397"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/77bc7dcf0fcc1519341a91788d7a2914fcfddf6d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8180611c238e11676612eb2a9828b1c7a3a4d77b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8c630a7b4f9dec63f08bd881ab77984a724a5124"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9c6591ae8e63f93c895ad5e2703c36c548aac997"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ec018021cf445abbe8e2f3e2a7f1dcc813cb8ea1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f7e745f8e94492a8ac0b0a26e25f2b19d342918f"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-56
Implementation

For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].

Mitigation
Requirements

Select a programming language that is not susceptible to these issues.

Mitigation
Implementation

Check the results of all functions that return a value and verify that the value is non-null before acting upon it.

Mitigation
Architecture and Design

Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.

Mitigation
Implementation

Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.

No CAPEC attack patterns related to this CWE.