Common Weakness Enumeration

CWE-476

Allowed

NULL Pointer Dereference

Abstraction: Base · Status: Stable

The product dereferences a pointer that it expects to be valid but is NULL.

6310 vulnerabilities reference this CWE, most recent first.

GHSA-XC48-HF3X-34M6

Vulnerability from github – Published: 2024-05-21 18:31 – Updated: 2024-06-03 18:55
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

iio: adc: stm32-adc: harden against NULL pointer deref in stm32_adc_probe()

of_match_device() may fail and returns a NULL pointer.

In practice there is no known reasonable way to trigger this, but in case one is added in future, harden the code by adding the check

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-52802"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-21T16:15:18Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: stm32-adc: harden against NULL pointer deref in stm32_adc_probe()\n\nof_match_device() may fail and returns a NULL pointer.\n\nIn practice there is no known reasonable way to trigger this, but\nin case one is added in future, harden the code by adding the check",
  "id": "GHSA-xc48-hf3x-34m6",
  "modified": "2024-06-03T18:55:26Z",
  "published": "2024-05-21T18:31:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52802"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3a23b384e7e3d64d5587ad10729a34d4f761517e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5b82e4240533bcd4691e50b64ec86d0d7fbd21b9"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b028f89c56e964a22d3ddb8eab1a0e7e980841b9"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b80aaff5f7817d50798ac61ed75973f004dd5202"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XC4X-FQR6-J637

Vulnerability from github – Published: 2022-05-24 16:58 – Updated: 2024-04-04 02:20
VLAI
Details

Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4_StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-17454"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-10-10T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4_StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info.",
  "id": "GHSA-xc4x-fqr6-j637",
  "modified": "2024-04-04T02:20:53Z",
  "published": "2022-05-24T16:58:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17454"
    },
    {
      "type": "WEB",
      "url": "https://github.com/axiomatic-systems/Bento4/issues/435"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XC6R-VPP5-48CQ

Vulnerability from github – Published: 2022-07-27 00:00 – Updated: 2022-07-29 00:00
VLAI
Details

An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in yasm_expr_get_intnum() in libyasm/expr.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-33454"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-07-26T13:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in yasm_expr_get_intnum() in libyasm/expr.c.",
  "id": "GHSA-xc6r-vpp5-48cq",
  "modified": "2022-07-29T00:00:35Z",
  "published": "2022-07-27T00:00:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33454"
    },
    {
      "type": "WEB",
      "url": "https://github.com/yasm/yasm/issues/166"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/Clingto/bb632c0c463f4b2c97e4f65f751c5e6d"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XC9V-4MXJ-7QPH

Vulnerability from github – Published: 2023-08-25 21:30 – Updated: 2024-04-04 07:13
VLAI
Details

An issue in skalenetwork sgxwallet v.1.9.0 and below allows an attacker to cause a denial of service via the trustedGenerateEcdsaKey component.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-36199"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-08-25T20:15:08Z",
    "severity": "HIGH"
  },
  "details": "An issue in skalenetwork sgxwallet v.1.9.0 and below allows an attacker to cause a denial of service via the trustedGenerateEcdsaKey component.",
  "id": "GHSA-xc9v-4mxj-7qph",
  "modified": "2024-04-04T07:13:17Z",
  "published": "2023-08-25T21:30:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36199"
    },
    {
      "type": "WEB",
      "url": "https://github.com/skalenetwork/sgxwallet/issues/419"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XCFC-R834-76G4

Vulnerability from github – Published: 2024-03-02 00:31 – Updated: 2024-12-10 21:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: qedf: Add pointer checks in qedf_update_link_speed()

The following trace was observed:

[ 14.042059] Call Trace: [ 14.042061] [ 14.042068] qedf_link_update+0x144/0x1f0 [qedf] [ 14.042117] qed_link_update+0x5c/0x80 [qed] [ 14.042135] qed_mcp_handle_link_change+0x2d2/0x410 [qed] [ 14.042155] ? qed_set_ptt+0x70/0x80 [qed] [ 14.042170] ? qed_set_ptt+0x70/0x80 [qed] [ 14.042186] ? qed_rd+0x13/0x40 [qed] [ 14.042205] qed_mcp_handle_events+0x437/0x690 [qed] [ 14.042221] ? qed_set_ptt+0x70/0x80 [qed] [ 14.042239] qed_int_sp_dpc+0x3a6/0x3e0 [qed] [ 14.042245] tasklet_action_common.isra.14+0x5a/0x100 [ 14.042250] __do_softirq+0xe4/0x2f8 [ 14.042253] irq_exit+0xf7/0x100 [ 14.042255] do_IRQ+0x7f/0xd0 [ 14.042257] common_interrupt+0xf/0xf [ 14.042259]

API qedf_link_update() is getting called from QED but by that time shost_data is not initialised. This results in a NULL pointer dereference when we try to dereference shost_data while updating supported_speeds.

Add a NULL pointer check before dereferencing shost_data.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-47077"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-01T22:15:47Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qedf: Add pointer checks in qedf_update_link_speed()\n\nThe following trace was observed:\n\n [   14.042059] Call Trace:\n [   14.042061]  \u003cIRQ\u003e\n [   14.042068]  qedf_link_update+0x144/0x1f0 [qedf]\n [   14.042117]  qed_link_update+0x5c/0x80 [qed]\n [   14.042135]  qed_mcp_handle_link_change+0x2d2/0x410 [qed]\n [   14.042155]  ? qed_set_ptt+0x70/0x80 [qed]\n [   14.042170]  ? qed_set_ptt+0x70/0x80 [qed]\n [   14.042186]  ? qed_rd+0x13/0x40 [qed]\n [   14.042205]  qed_mcp_handle_events+0x437/0x690 [qed]\n [   14.042221]  ? qed_set_ptt+0x70/0x80 [qed]\n [   14.042239]  qed_int_sp_dpc+0x3a6/0x3e0 [qed]\n [   14.042245]  tasklet_action_common.isra.14+0x5a/0x100\n [   14.042250]  __do_softirq+0xe4/0x2f8\n [   14.042253]  irq_exit+0xf7/0x100\n [   14.042255]  do_IRQ+0x7f/0xd0\n [   14.042257]  common_interrupt+0xf/0xf\n [   14.042259]  \u003c/IRQ\u003e\n\nAPI qedf_link_update() is getting called from QED but by that time\nshost_data is not initialised. This results in a NULL pointer dereference\nwhen we try to dereference shost_data while updating supported_speeds.\n\nAdd a NULL pointer check before dereferencing shost_data.",
  "id": "GHSA-xcfc-r834-76g4",
  "modified": "2024-12-10T21:30:51Z",
  "published": "2024-03-02T00:31:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47077"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/11014efcec378bb0050a6cf08eaf375e3693400a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/73578af92a0fae6609b955fcc9113e50e413c80f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a6362a737572f66051deb7637f3f77ddf7a4402f"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XCFX-VQJ9-HFV6

Vulnerability from github – Published: 2022-05-24 17:19 – Updated: 2022-05-24 17:19
VLAI
Details

An issue was discovered in Foxit PhantomPDF before 8.3.12. It has a NULL pointer dereference.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-20816"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-06-04T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in Foxit PhantomPDF before 8.3.12. It has a NULL pointer dereference.",
  "id": "GHSA-xcfx-vqj9-hfv6",
  "modified": "2022-05-24T17:19:14Z",
  "published": "2022-05-24T17:19:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20816"
    },
    {
      "type": "WEB",
      "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-XCGF-679W-PGVP

Vulnerability from github – Published: 2025-09-15 15:31 – Updated: 2025-11-24 21:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

tracing: Fix null pointer dereference in tracing_err_log_open()

Fix an issue in function 'tracing_err_log_open'. The function doesn't call 'seq_open' if the file is opened only with write permissions, which results in 'file->private_data' being left as null. If we then use 'lseek' on that opened file, 'seq_lseek' dereferences 'file->private_data' in 'mutex_lock(&m->lock)', resulting in a kernel panic. Writing to this node requires root privileges, therefore this bug has very little security impact.

Tracefs node: /sys/kernel/tracing/error_log

Example Kernel panic:

Unable to handle kernel NULL pointer dereference at virtual address 0000000000000038 Call trace: mutex_lock+0x30/0x110 seq_lseek+0x34/0xb8 __arm64_sys_lseek+0x6c/0xb8 invoke_syscall+0x58/0x13c el0_svc_common+0xc4/0x10c do_el0_svc+0x24/0x98 el0_svc+0x24/0x88 el0t_64_sync_handler+0x84/0xe4 el0t_64_sync+0x1b4/0x1b8 Code: d503201f aa0803e0 aa1f03e1 aa0103e9 (c8e97d02) ---[ end trace 561d1b49c12cf8a5 ]--- Kernel panic - not syncing: Oops: Fatal exception

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-53167"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-15T14:15:38Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix null pointer dereference in tracing_err_log_open()\n\nFix an issue in function \u0027tracing_err_log_open\u0027.\nThe function doesn\u0027t call \u0027seq_open\u0027 if the file is opened only with\nwrite permissions, which results in \u0027file-\u003eprivate_data\u0027 being left as null.\nIf we then use \u0027lseek\u0027 on that opened file, \u0027seq_lseek\u0027 dereferences\n\u0027file-\u003eprivate_data\u0027 in \u0027mutex_lock(\u0026m-\u003elock)\u0027, resulting in a kernel panic.\nWriting to this node requires root privileges, therefore this bug\nhas very little security impact.\n\nTracefs node: /sys/kernel/tracing/error_log\n\nExample Kernel panic:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000038\nCall trace:\n mutex_lock+0x30/0x110\n seq_lseek+0x34/0xb8\n __arm64_sys_lseek+0x6c/0xb8\n invoke_syscall+0x58/0x13c\n el0_svc_common+0xc4/0x10c\n do_el0_svc+0x24/0x98\n el0_svc+0x24/0x88\n el0t_64_sync_handler+0x84/0xe4\n el0t_64_sync+0x1b4/0x1b8\nCode: d503201f aa0803e0 aa1f03e1 aa0103e9 (c8e97d02)\n---[ end trace 561d1b49c12cf8a5 ]---\nKernel panic - not syncing: Oops: Fatal exception",
  "id": "GHSA-xcgf-679w-pgvp",
  "modified": "2025-11-24T21:30:57Z",
  "published": "2025-09-15T15:31:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53167"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/02b0095e2fbbc060560c1065f86a211d91e27b26"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1e1c9aa9288a46c342f0f2c5c0b1c0876b9b0276"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3b5d9b7b875968a8a8c99dac45cb85b705c44802"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7060e5aac6dc195124c106f49106d653a416323a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/93114cbc7cb169f6f26eeaed5286b91bb86b463b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/938d5b7a75e18264887387ddf9169db6d8aeef98"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XCGM-PVWF-MJQ7

Vulnerability from github – Published: 2022-02-15 00:03 – Updated: 2022-10-07 00:00
VLAI
Details

In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker to crash the application using a crafted DXF document.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-45343"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-25T13:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker to crash the application using a crafted DXF document.",
  "id": "GHSA-xcgm-pvwf-mjq7",
  "modified": "2022-10-07T00:00:57Z",
  "published": "2022-02-15T00:03:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45343"
    },
    {
      "type": "WEB",
      "url": "https://github.com/LibreCAD/LibreCAD/issues/1468"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FCC2FZ6HZOIK3775K4MTCOUHX6PLGPEL"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VUMH3CWGVSMR2UIZEA35Q5UB7PDVVVYS"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202305-26"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2022/dsa-5077"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XCH4-2QR5-J58J

Vulnerability from github – Published: 2025-08-12 18:31 – Updated: 2025-08-12 18:31
VLAI
Details

NULL pointer dereference for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable denial of service via local access.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-24515"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-12T17:15:34Z",
    "severity": "MODERATE"
  },
  "details": "NULL pointer dereference for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable denial of service via local access.",
  "id": "GHSA-xch4-2qr5-j58j",
  "modified": "2025-08-12T18:31:29Z",
  "published": "2025-08-12T18:31:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24515"
    },
    {
      "type": "WEB",
      "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01299.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-XCH5-PWH8-CF69

Vulnerability from github – Published: 2022-09-25 00:00 – Updated: 2022-09-29 00:00
VLAI
Details

A null pointer dereference was addressed with improved validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing an image may lead to a denial-of-service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-32785"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-23T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A null pointer dereference was addressed with improved validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing an image may lead to a denial-of-service.",
  "id": "GHSA-xch5-pwh8-cf69",
  "modified": "2022-09-29T00:00:27Z",
  "published": "2022-09-25T00:00:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32785"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213343"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213344"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213345"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213346"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-56
Implementation

For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].

Mitigation
Requirements

Select a programming language that is not susceptible to these issues.

Mitigation
Implementation

Check the results of all functions that return a value and verify that the value is non-null before acting upon it.

Mitigation
Architecture and Design

Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.

Mitigation
Implementation

Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.

No CAPEC attack patterns related to this CWE.