Common Weakness Enumeration

CWE-476

Allowed

NULL Pointer Dereference

Abstraction: Base · Status: Stable

The product dereferences a pointer that it expects to be valid but is NULL.

6310 vulnerabilities reference this CWE, most recent first.

GHSA-X7M4-FGPQ-JM7C

Vulnerability from github – Published: 2024-12-27 15:31 – Updated: 2025-11-03 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

media: imx-jpeg: Ensure power suppliers be suspended before detach them

The power suppliers are always requested to suspend asynchronously, dev_pm_domain_detach() requires the caller to ensure proper synchronization of this function with power management callbacks. otherwise the detach may led to kernel panic, like below:

[ 1457.107934] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000040 [ 1457.116777] Mem abort info: [ 1457.119589] ESR = 0x0000000096000004 [ 1457.123358] EC = 0x25: DABT (current EL), IL = 32 bits [ 1457.128692] SET = 0, FnV = 0 [ 1457.131764] EA = 0, S1PTW = 0 [ 1457.134920] FSC = 0x04: level 0 translation fault [ 1457.139812] Data abort info: [ 1457.142707] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 [ 1457.148196] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 1457.153256] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 1457.158563] user pgtable: 4k pages, 48-bit VAs, pgdp=00000001138b6000 [ 1457.165000] [0000000000000040] pgd=0000000000000000, p4d=0000000000000000 [ 1457.171792] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP [ 1457.178045] Modules linked in: v4l2_jpeg wave6_vpu_ctrl(-) [last unloaded: mxc_jpeg_encdec] [ 1457.186383] CPU: 0 PID: 51938 Comm: kworker/0:3 Not tainted 6.6.36-gd23d64eea511 #66 [ 1457.194112] Hardware name: NXP i.MX95 19X19 board (DT) [ 1457.199236] Workqueue: pm pm_runtime_work [ 1457.203247] pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 1457.210188] pc : genpd_runtime_suspend+0x20/0x290 [ 1457.214886] lr : __rpm_callback+0x48/0x1d8 [ 1457.218968] sp : ffff80008250bc50 [ 1457.222270] x29: ffff80008250bc50 x28: 0000000000000000 x27: 0000000000000000 [ 1457.229394] x26: 0000000000000000 x25: 0000000000000008 x24: 00000000000f4240 [ 1457.236518] x23: 0000000000000000 x22: ffff00008590f0e4 x21: 0000000000000008 [ 1457.243642] x20: ffff80008099c434 x19: ffff00008590f000 x18: ffffffffffffffff [ 1457.250766] x17: 5300326563697665 x16: 645f676e696c6f6f x15: 63343a6d726f6674 [ 1457.257890] x14: 0000000000000004 x13: 00000000000003a4 x12: 0000000000000002 [ 1457.265014] x11: 0000000000000000 x10: 0000000000000a60 x9 : ffff80008250bbb0 [ 1457.272138] x8 : ffff000092937200 x7 : ffff0003fdf6af80 x6 : 0000000000000000 [ 1457.279262] x5 : 00000000410fd050 x4 : 0000000000200000 x3 : 0000000000000000 [ 1457.286386] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff00008590f000 [ 1457.293510] Call trace: [ 1457.295946] genpd_runtime_suspend+0x20/0x290 [ 1457.300296] __rpm_callback+0x48/0x1d8 [ 1457.304038] rpm_callback+0x6c/0x78 [ 1457.307515] rpm_suspend+0x10c/0x570 [ 1457.311077] pm_runtime_work+0xc4/0xc8 [ 1457.314813] process_one_work+0x138/0x248 [ 1457.318816] worker_thread+0x320/0x438 [ 1457.322552] kthread+0x110/0x114 [ 1457.325767] ret_from_fork+0x10/0x20

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-56575"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-27T15:15:16Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: imx-jpeg: Ensure power suppliers be suspended before detach them\n\nThe power suppliers are always requested to suspend asynchronously,\ndev_pm_domain_detach() requires the caller to ensure proper\nsynchronization of this function with power management callbacks.\notherwise the detach may led to kernel panic, like below:\n\n[ 1457.107934] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000040\n[ 1457.116777] Mem abort info:\n[ 1457.119589]   ESR = 0x0000000096000004\n[ 1457.123358]   EC = 0x25: DABT (current EL), IL = 32 bits\n[ 1457.128692]   SET = 0, FnV = 0\n[ 1457.131764]   EA = 0, S1PTW = 0\n[ 1457.134920]   FSC = 0x04: level 0 translation fault\n[ 1457.139812] Data abort info:\n[ 1457.142707]   ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n[ 1457.148196]   CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 1457.153256]   GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 1457.158563] user pgtable: 4k pages, 48-bit VAs, pgdp=00000001138b6000\n[ 1457.165000] [0000000000000040] pgd=0000000000000000, p4d=0000000000000000\n[ 1457.171792] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP\n[ 1457.178045] Modules linked in: v4l2_jpeg wave6_vpu_ctrl(-) [last unloaded: mxc_jpeg_encdec]\n[ 1457.186383] CPU: 0 PID: 51938 Comm: kworker/0:3 Not tainted 6.6.36-gd23d64eea511 #66\n[ 1457.194112] Hardware name: NXP i.MX95 19X19 board (DT)\n[ 1457.199236] Workqueue: pm pm_runtime_work\n[ 1457.203247] pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 1457.210188] pc : genpd_runtime_suspend+0x20/0x290\n[ 1457.214886] lr : __rpm_callback+0x48/0x1d8\n[ 1457.218968] sp : ffff80008250bc50\n[ 1457.222270] x29: ffff80008250bc50 x28: 0000000000000000 x27: 0000000000000000\n[ 1457.229394] x26: 0000000000000000 x25: 0000000000000008 x24: 00000000000f4240\n[ 1457.236518] x23: 0000000000000000 x22: ffff00008590f0e4 x21: 0000000000000008\n[ 1457.243642] x20: ffff80008099c434 x19: ffff00008590f000 x18: ffffffffffffffff\n[ 1457.250766] x17: 5300326563697665 x16: 645f676e696c6f6f x15: 63343a6d726f6674\n[ 1457.257890] x14: 0000000000000004 x13: 00000000000003a4 x12: 0000000000000002\n[ 1457.265014] x11: 0000000000000000 x10: 0000000000000a60 x9 : ffff80008250bbb0\n[ 1457.272138] x8 : ffff000092937200 x7 : ffff0003fdf6af80 x6 : 0000000000000000\n[ 1457.279262] x5 : 00000000410fd050 x4 : 0000000000200000 x3 : 0000000000000000\n[ 1457.286386] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff00008590f000\n[ 1457.293510] Call trace:\n[ 1457.295946]  genpd_runtime_suspend+0x20/0x290\n[ 1457.300296]  __rpm_callback+0x48/0x1d8\n[ 1457.304038]  rpm_callback+0x6c/0x78\n[ 1457.307515]  rpm_suspend+0x10c/0x570\n[ 1457.311077]  pm_runtime_work+0xc4/0xc8\n[ 1457.314813]  process_one_work+0x138/0x248\n[ 1457.318816]  worker_thread+0x320/0x438\n[ 1457.322552]  kthread+0x110/0x114\n[ 1457.325767]  ret_from_fork+0x10/0x20",
  "id": "GHSA-x7m4-fgpq-jm7c",
  "modified": "2025-11-03T21:31:51Z",
  "published": "2024-12-27T15:31:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56575"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/12914fd765ba4f9d6a9a50439e8dd2e9f91423f2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2f86d104539fab9181ea7b5721f40e7b92a8bf67"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b7a830bbc25da0f641e3ef2bac3b1766b2777a8b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f3c4e088ec01cae45931a18ddf7cae0f4d72e1c5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fd0af4cd35da0eb550ef682b71cda70a4e36f6b9"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X7XX-Q6M5-JW79

Vulnerability from github – Published: 2024-12-27 15:31 – Updated: 2025-01-08 21:32
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

ASoC: imx-audmix: Add NULL check in imx_audmix_probe

devm_kasprintf() can return a NULL pointer on failure,but this returned value in imx_audmix_probe() is not checked. Add NULL check in imx_audmix_probe(), to handle kernel NULL pointer dereference error.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-53199"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-27T14:15:27Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: imx-audmix: Add NULL check in imx_audmix_probe\n\ndevm_kasprintf() can return a NULL pointer on failure,but this\nreturned value in imx_audmix_probe() is not checked.\nAdd NULL check in imx_audmix_probe(), to handle kernel NULL\npointer dereference error.",
  "id": "GHSA-x7xx-q6m5-jw79",
  "modified": "2025-01-08T21:32:24Z",
  "published": "2024-12-27T15:31:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53199"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c040cbe2e13da6454ae4748e04e53d885e1c9603"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/dc5aa71f39b44d8117b2417dafd0e2884a75dd37"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e038f43edaf0083f6aa7c9415d86cf28dfd152f9"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X82J-M6F3-7F78

Vulnerability from github – Published: 2022-10-20 12:00 – Updated: 2022-10-24 19:00
VLAI
Details

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, when DNS profile is configured on a virtual server with DNS Express enabled, undisclosed DNS queries with DNSSEC can cause TMM to terminate.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-41787"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-10-19T22:15:00Z",
    "severity": "HIGH"
  },
  "details": "In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, when DNS profile is configured on a virtual server with DNS Express enabled, undisclosed DNS queries with DNSSEC can cause TMM to terminate.",
  "id": "GHSA-x82j-m6f3-7f78",
  "modified": "2022-10-24T19:00:25Z",
  "published": "2022-10-20T12:00:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41787"
    },
    {
      "type": "WEB",
      "url": "https://support.f5.com/csp/article/K70569537"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X852-P4X4-VCGF

Vulnerability from github – Published: 2022-05-24 19:03 – Updated: 2022-05-24 19:03
VLAI
Details

A NULL pointer dereference flaw was found in the megasas-gen2 SCSI host bus adapter emulation of QEMU in versions before and including 6.0. This issue occurs in the megasas_command_cancelled() callback function while dropping a SCSI request. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-35503"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-06-02T14:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A NULL pointer dereference flaw was found in the megasas-gen2 SCSI host bus adapter emulation of QEMU in versions before and including 6.0. This issue occurs in the megasas_command_cancelled() callback function while dropping a SCSI request. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.",
  "id": "GHSA-x852-p4x4-vcgf",
  "modified": "2022-05-24T19:03:54Z",
  "published": "2022-05-24T19:03:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35503"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1910346"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20210720-0008"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X87M-JMX5-5M6G

Vulnerability from github – Published: 2022-05-24 17:05 – Updated: 2022-10-14 19:00
VLAI
Details

An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointer dereference in the function gf_odf_avc_cfg_write_bs() in odf/descriptors.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-20163"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-12-31T00:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointer dereference in the function gf_odf_avc_cfg_write_bs() in odf/descriptors.c.",
  "id": "GHSA-x87m-jmx5-5m6g",
  "modified": "2022-10-14T19:00:16Z",
  "published": "2022-05-24T17:05:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20163"
    },
    {
      "type": "WEB",
      "url": "https://github.com/gpac/gpac/issues/1335"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00017.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X8FR-74RG-389V

Vulnerability from github – Published: 2025-03-07 21:31 – Updated: 2025-03-07 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo()

In an unlikely (and probably wrong?) case that the 'ppi' parameter of ata_host_alloc_pinfo() points to an array starting with a NULL pointer, there's going to be a kernel oops as the 'pi' local variable won't get reassigned from the initial value of NULL. Initialize 'pi' instead to '&ata_dummy_port_info' to fix the possible kernel oops for good...

Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-49731"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-26T07:01:48Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo()\n\nIn an unlikely (and probably wrong?) case that the \u0027ppi\u0027 parameter of\nata_host_alloc_pinfo() points to an array starting with a NULL pointer,\nthere\u0027s going to be a kernel oops as the \u0027pi\u0027 local variable won\u0027t get\nreassigned from the initial value of NULL. Initialize \u0027pi\u0027 instead to\n\u0027\u0026ata_dummy_port_info\u0027 to fix the possible kernel oops for good...\n\nFound by Linux Verification Center (linuxtesting.org) with the SVACE static\nanalysis tool.",
  "id": "GHSA-x8fr-74rg-389v",
  "modified": "2025-03-07T21:31:04Z",
  "published": "2025-03-07T21:31:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49731"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/07cbdb4807d369fbda73062a91b570c4dc5ec429"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1ac5efee33f29e704226506d429b84575a5d66f8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/253334f84c81bc6a43af489f108c0bddad989eef"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/36cd19e7d4e5571d77a2ed20c5b6ef50cf57734a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a810bd5af06977a847d1f202b22d7defd5c62497"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bf476fe22aa1851bab4728e0c49025a6a0bea307"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ca4693e6e06e4fd2b240c0fec47aa2498c94848e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ff128fbea720bf763fa345680dda5f050bc24a47"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X8RM-M93R-JQP2

Vulnerability from github – Published: 2024-04-05 21:32 – Updated: 2025-06-17 21:31
VLAI
Details

In asn1_ec_pkey_parse of asn1_common.c, there is a possible OOB read due to a missing null check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-27232"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-05T20:15:07Z",
    "severity": "MODERATE"
  },
  "details": "In asn1_ec_pkey_parse of asn1_common.c, there is a possible OOB read due to a missing null check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.",
  "id": "GHSA-x8rm-m93r-jqp2",
  "modified": "2025-06-17T21:31:38Z",
  "published": "2024-04-05T21:32:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27232"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/pixel/2024-04-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X8WR-3XMC-RP7M

Vulnerability from github – Published: 2022-05-14 00:58 – Updated: 2022-05-14 00:58
VLAI
Details

An issue was discovered in Poppler 0.74.0. There is a NULL pointer dereference in the function SplashClip::clipAALine at splash/SplashClip.cc.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-10873"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-04-05T04:29:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in Poppler 0.74.0. There is a NULL pointer dereference in the function SplashClip::clipAALine at splash/SplashClip.cc.",
  "id": "GHSA-x8wr-3xmc-rp7m",
  "modified": "2022-05-14T00:58:03Z",
  "published": "2022-05-14T00:58:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10873"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/748"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4042-1"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/107862"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X8X6-CPP7-M689

Vulnerability from github – Published: 2026-02-10 18:30 – Updated: 2026-02-10 18:30
VLAI
Details

Substance3D - Designer versions 15.1.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-21336"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-10T18:16:31Z",
    "severity": "MODERATE"
  },
  "details": "Substance3D - Designer versions 15.1.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
  "id": "GHSA-x8x6-cpp7-m689",
  "modified": "2026-02-10T18:30:42Z",
  "published": "2026-02-10T18:30:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21336"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/substance3d_designer/apsb26-19.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X938-FVFW-7JH5

Vulnerability from github – Published: 2022-06-25 07:11 – Updated: 2022-06-25 07:11
VLAI
Summary
CloudCore CSI Driver: Malicious response from KubeEdge can crash CSI Driver controller server
Details

Impact

A malicious message response from KubeEdge can crash the CSI Driver controller server by triggering a nil-pointer dereference panic. As a consequence, the CSI Driver controller will be in denial of service. An attacker would already need to be an authenticated user of the Cloud, and only when the authenticated user launches the csidriver then CloudCore may be attacked.

Patches

This bug has been fixed in Kubeedge 1.11.0, 1.10.1, and 1.9.3. Users should update to these versions to resolve the issue.

Workarounds

At the time of writing, no workaround exists.

References

NA

Credits

Thanks David Korczynski and Adam Korczynski of ADA Logics for responsibly disclosing this issue in accordance with the kubeedge security policy during a security audit sponsored by CNCF and facilitated by OSTIF.

For more information

If you have any questions or comments about this advisory: * Open an issue in KubeEdge repo * To make a vulnerability report, email your vulnerability to the private cncf-kubeedge-security@lists.cncf.io list with the security details and the details expected for KubeEdge bug reports.

Notes: This vulnerability was found by fuzzing KubeEdge by way of OSS-Fuzz.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/kubeedge/kubeedge"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.10.0"
            },
            {
              "fixed": "1.10.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1.10.0"
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/kubeedge/kubeedge"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.9.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-31077"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-06-25T07:11:05Z",
    "nvd_published_at": "2022-06-27T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nA malicious message response from KubeEdge can crash the CSI Driver controller server by triggering a nil-pointer dereference panic. As a consequence, the CSI Driver controller will be in denial of service. An attacker would already need to be an authenticated user of the Cloud, and only when the authenticated user launches the `csidriver` then CloudCore may be attacked.\n\n### Patches\nThis bug has been fixed in Kubeedge 1.11.0, 1.10.1, and 1.9.3. Users should update to these versions to resolve the issue.\n\n### Workarounds\nAt the time of writing, no workaround exists.\n\n### References\nNA\n\n### Credits\nThanks David Korczynski and Adam Korczynski of ADA Logics for responsibly disclosing this issue in accordance with the [kubeedge security policy](https://github.com/kubeedge/kubeedge/security/policy) during a security audit sponsored by CNCF and facilitated by OSTIF.\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [KubeEdge repo](https://github.com/kubeedge/kubeedge/issues/new/choose)\n* To make a vulnerability report, email your vulnerability to the private [cncf-kubeedge-security@lists.cncf.io](mailto:cncf-kubeedge-security@lists.cncf.io) list with the security details and the details expected for [KubeEdge bug reports](https://github.com/kubeedge/kubeedge/blob/master/.github/ISSUE_TEMPLATE/bug-report.md).\n\n**Notes:** This vulnerability was found by fuzzing KubeEdge by way of OSS-Fuzz.",
  "id": "GHSA-x938-fvfw-7jh5",
  "modified": "2022-06-25T07:11:05Z",
  "published": "2022-06-25T07:11:05Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/kubeedge/kubeedge/security/advisories/GHSA-x938-fvfw-7jh5"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31077"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kubeedge/kubeedge/pull/3899"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kubeedge/kubeedge/pull/3899/commits/5d60ae9eabd6b6b7afe38758e19bbe8137664701"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/kubeedge/kubeedge"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "CloudCore CSI Driver: Malicious response from KubeEdge can crash CSI Driver controller server"
}

Mitigation MIT-56
Implementation

For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].

Mitigation
Requirements

Select a programming language that is not susceptible to these issues.

Mitigation
Implementation

Check the results of all functions that return a value and verify that the value is non-null before acting upon it.

Mitigation
Architecture and Design

Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.

Mitigation
Implementation

Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.

No CAPEC attack patterns related to this CWE.