CWE-476
AllowedNULL Pointer Dereference
Abstraction: Base · Status: Stable
The product dereferences a pointer that it expects to be valid but is NULL.
6310 vulnerabilities reference this CWE, most recent first.
GHSA-XC48-HF3X-34M6
Vulnerability from github – Published: 2024-05-21 18:31 – Updated: 2024-06-03 18:55In the Linux kernel, the following vulnerability has been resolved:
iio: adc: stm32-adc: harden against NULL pointer deref in stm32_adc_probe()
of_match_device() may fail and returns a NULL pointer.
In practice there is no known reasonable way to trigger this, but in case one is added in future, harden the code by adding the check
{
"affected": [],
"aliases": [
"CVE-2023-52802"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-21T16:15:18Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: stm32-adc: harden against NULL pointer deref in stm32_adc_probe()\n\nof_match_device() may fail and returns a NULL pointer.\n\nIn practice there is no known reasonable way to trigger this, but\nin case one is added in future, harden the code by adding the check",
"id": "GHSA-xc48-hf3x-34m6",
"modified": "2024-06-03T18:55:26Z",
"published": "2024-05-21T18:31:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52802"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3a23b384e7e3d64d5587ad10729a34d4f761517e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5b82e4240533bcd4691e50b64ec86d0d7fbd21b9"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b028f89c56e964a22d3ddb8eab1a0e7e980841b9"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b80aaff5f7817d50798ac61ed75973f004dd5202"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-XC4X-FQR6-J637
Vulnerability from github – Published: 2022-05-24 16:58 – Updated: 2024-04-04 02:20Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4_StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info.
{
"affected": [],
"aliases": [
"CVE-2019-17454"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-10-10T17:15:00Z",
"severity": "MODERATE"
},
"details": "Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4_StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info.",
"id": "GHSA-xc4x-fqr6-j637",
"modified": "2024-04-04T02:20:53Z",
"published": "2022-05-24T16:58:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17454"
},
{
"type": "WEB",
"url": "https://github.com/axiomatic-systems/Bento4/issues/435"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-XC6R-VPP5-48CQ
Vulnerability from github – Published: 2022-07-27 00:00 – Updated: 2022-07-29 00:00An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in yasm_expr_get_intnum() in libyasm/expr.c.
{
"affected": [],
"aliases": [
"CVE-2021-33454"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-26T13:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in yasm_expr_get_intnum() in libyasm/expr.c.",
"id": "GHSA-xc6r-vpp5-48cq",
"modified": "2022-07-29T00:00:35Z",
"published": "2022-07-27T00:00:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33454"
},
{
"type": "WEB",
"url": "https://github.com/yasm/yasm/issues/166"
},
{
"type": "WEB",
"url": "https://gist.github.com/Clingto/bb632c0c463f4b2c97e4f65f751c5e6d"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-XC9V-4MXJ-7QPH
Vulnerability from github – Published: 2023-08-25 21:30 – Updated: 2024-04-04 07:13An issue in skalenetwork sgxwallet v.1.9.0 and below allows an attacker to cause a denial of service via the trustedGenerateEcdsaKey component.
{
"affected": [],
"aliases": [
"CVE-2023-36199"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-08-25T20:15:08Z",
"severity": "HIGH"
},
"details": "An issue in skalenetwork sgxwallet v.1.9.0 and below allows an attacker to cause a denial of service via the trustedGenerateEcdsaKey component.",
"id": "GHSA-xc9v-4mxj-7qph",
"modified": "2024-04-04T07:13:17Z",
"published": "2023-08-25T21:30:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36199"
},
{
"type": "WEB",
"url": "https://github.com/skalenetwork/sgxwallet/issues/419"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-XCFC-R834-76G4
Vulnerability from github – Published: 2024-03-02 00:31 – Updated: 2024-12-10 21:30In the Linux kernel, the following vulnerability has been resolved:
scsi: qedf: Add pointer checks in qedf_update_link_speed()
The following trace was observed:
[ 14.042059] Call Trace: [ 14.042061] [ 14.042068] qedf_link_update+0x144/0x1f0 [qedf] [ 14.042117] qed_link_update+0x5c/0x80 [qed] [ 14.042135] qed_mcp_handle_link_change+0x2d2/0x410 [qed] [ 14.042155] ? qed_set_ptt+0x70/0x80 [qed] [ 14.042170] ? qed_set_ptt+0x70/0x80 [qed] [ 14.042186] ? qed_rd+0x13/0x40 [qed] [ 14.042205] qed_mcp_handle_events+0x437/0x690 [qed] [ 14.042221] ? qed_set_ptt+0x70/0x80 [qed] [ 14.042239] qed_int_sp_dpc+0x3a6/0x3e0 [qed] [ 14.042245] tasklet_action_common.isra.14+0x5a/0x100 [ 14.042250] __do_softirq+0xe4/0x2f8 [ 14.042253] irq_exit+0xf7/0x100 [ 14.042255] do_IRQ+0x7f/0xd0 [ 14.042257] common_interrupt+0xf/0xf [ 14.042259]
API qedf_link_update() is getting called from QED but by that time shost_data is not initialised. This results in a NULL pointer dereference when we try to dereference shost_data while updating supported_speeds.
Add a NULL pointer check before dereferencing shost_data.
{
"affected": [],
"aliases": [
"CVE-2021-47077"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-01T22:15:47Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qedf: Add pointer checks in qedf_update_link_speed()\n\nThe following trace was observed:\n\n [ 14.042059] Call Trace:\n [ 14.042061] \u003cIRQ\u003e\n [ 14.042068] qedf_link_update+0x144/0x1f0 [qedf]\n [ 14.042117] qed_link_update+0x5c/0x80 [qed]\n [ 14.042135] qed_mcp_handle_link_change+0x2d2/0x410 [qed]\n [ 14.042155] ? qed_set_ptt+0x70/0x80 [qed]\n [ 14.042170] ? qed_set_ptt+0x70/0x80 [qed]\n [ 14.042186] ? qed_rd+0x13/0x40 [qed]\n [ 14.042205] qed_mcp_handle_events+0x437/0x690 [qed]\n [ 14.042221] ? qed_set_ptt+0x70/0x80 [qed]\n [ 14.042239] qed_int_sp_dpc+0x3a6/0x3e0 [qed]\n [ 14.042245] tasklet_action_common.isra.14+0x5a/0x100\n [ 14.042250] __do_softirq+0xe4/0x2f8\n [ 14.042253] irq_exit+0xf7/0x100\n [ 14.042255] do_IRQ+0x7f/0xd0\n [ 14.042257] common_interrupt+0xf/0xf\n [ 14.042259] \u003c/IRQ\u003e\n\nAPI qedf_link_update() is getting called from QED but by that time\nshost_data is not initialised. This results in a NULL pointer dereference\nwhen we try to dereference shost_data while updating supported_speeds.\n\nAdd a NULL pointer check before dereferencing shost_data.",
"id": "GHSA-xcfc-r834-76g4",
"modified": "2024-12-10T21:30:51Z",
"published": "2024-03-02T00:31:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47077"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/11014efcec378bb0050a6cf08eaf375e3693400a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/73578af92a0fae6609b955fcc9113e50e413c80f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a6362a737572f66051deb7637f3f77ddf7a4402f"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-XCFX-VQJ9-HFV6
Vulnerability from github – Published: 2022-05-24 17:19 – Updated: 2022-05-24 17:19An issue was discovered in Foxit PhantomPDF before 8.3.12. It has a NULL pointer dereference.
{
"affected": [],
"aliases": [
"CVE-2019-20816"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-06-04T16:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in Foxit PhantomPDF before 8.3.12. It has a NULL pointer dereference.",
"id": "GHSA-xcfx-vqj9-hfv6",
"modified": "2022-05-24T17:19:14Z",
"published": "2022-05-24T17:19:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20816"
},
{
"type": "WEB",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-XCGF-679W-PGVP
Vulnerability from github – Published: 2025-09-15 15:31 – Updated: 2025-11-24 21:30In the Linux kernel, the following vulnerability has been resolved:
tracing: Fix null pointer dereference in tracing_err_log_open()
Fix an issue in function 'tracing_err_log_open'. The function doesn't call 'seq_open' if the file is opened only with write permissions, which results in 'file->private_data' being left as null. If we then use 'lseek' on that opened file, 'seq_lseek' dereferences 'file->private_data' in 'mutex_lock(&m->lock)', resulting in a kernel panic. Writing to this node requires root privileges, therefore this bug has very little security impact.
Tracefs node: /sys/kernel/tracing/error_log
Example Kernel panic:
Unable to handle kernel NULL pointer dereference at virtual address 0000000000000038 Call trace: mutex_lock+0x30/0x110 seq_lseek+0x34/0xb8 __arm64_sys_lseek+0x6c/0xb8 invoke_syscall+0x58/0x13c el0_svc_common+0xc4/0x10c do_el0_svc+0x24/0x98 el0_svc+0x24/0x88 el0t_64_sync_handler+0x84/0xe4 el0t_64_sync+0x1b4/0x1b8 Code: d503201f aa0803e0 aa1f03e1 aa0103e9 (c8e97d02) ---[ end trace 561d1b49c12cf8a5 ]--- Kernel panic - not syncing: Oops: Fatal exception
{
"affected": [],
"aliases": [
"CVE-2023-53167"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-15T14:15:38Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix null pointer dereference in tracing_err_log_open()\n\nFix an issue in function \u0027tracing_err_log_open\u0027.\nThe function doesn\u0027t call \u0027seq_open\u0027 if the file is opened only with\nwrite permissions, which results in \u0027file-\u003eprivate_data\u0027 being left as null.\nIf we then use \u0027lseek\u0027 on that opened file, \u0027seq_lseek\u0027 dereferences\n\u0027file-\u003eprivate_data\u0027 in \u0027mutex_lock(\u0026m-\u003elock)\u0027, resulting in a kernel panic.\nWriting to this node requires root privileges, therefore this bug\nhas very little security impact.\n\nTracefs node: /sys/kernel/tracing/error_log\n\nExample Kernel panic:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000038\nCall trace:\n mutex_lock+0x30/0x110\n seq_lseek+0x34/0xb8\n __arm64_sys_lseek+0x6c/0xb8\n invoke_syscall+0x58/0x13c\n el0_svc_common+0xc4/0x10c\n do_el0_svc+0x24/0x98\n el0_svc+0x24/0x88\n el0t_64_sync_handler+0x84/0xe4\n el0t_64_sync+0x1b4/0x1b8\nCode: d503201f aa0803e0 aa1f03e1 aa0103e9 (c8e97d02)\n---[ end trace 561d1b49c12cf8a5 ]---\nKernel panic - not syncing: Oops: Fatal exception",
"id": "GHSA-xcgf-679w-pgvp",
"modified": "2025-11-24T21:30:57Z",
"published": "2025-09-15T15:31:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53167"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/02b0095e2fbbc060560c1065f86a211d91e27b26"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1e1c9aa9288a46c342f0f2c5c0b1c0876b9b0276"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3b5d9b7b875968a8a8c99dac45cb85b705c44802"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7060e5aac6dc195124c106f49106d653a416323a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/93114cbc7cb169f6f26eeaed5286b91bb86b463b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/938d5b7a75e18264887387ddf9169db6d8aeef98"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-XCGM-PVWF-MJQ7
Vulnerability from github – Published: 2022-02-15 00:03 – Updated: 2022-10-07 00:00In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker to crash the application using a crafted DXF document.
{
"affected": [],
"aliases": [
"CVE-2021-45343"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-25T13:15:00Z",
"severity": "MODERATE"
},
"details": "In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker to crash the application using a crafted DXF document.",
"id": "GHSA-xcgm-pvwf-mjq7",
"modified": "2022-10-07T00:00:57Z",
"published": "2022-02-15T00:03:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45343"
},
{
"type": "WEB",
"url": "https://github.com/LibreCAD/LibreCAD/issues/1468"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FCC2FZ6HZOIK3775K4MTCOUHX6PLGPEL"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VUMH3CWGVSMR2UIZEA35Q5UB7PDVVVYS"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202305-26"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2022/dsa-5077"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-XCH4-2QR5-J58J
Vulnerability from github – Published: 2025-08-12 18:31 – Updated: 2025-08-12 18:31NULL pointer dereference for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable denial of service via local access.
{
"affected": [],
"aliases": [
"CVE-2025-24515"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-12T17:15:34Z",
"severity": "MODERATE"
},
"details": "NULL pointer dereference for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable denial of service via local access.",
"id": "GHSA-xch4-2qr5-j58j",
"modified": "2025-08-12T18:31:29Z",
"published": "2025-08-12T18:31:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24515"
},
{
"type": "WEB",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01299.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-XCH5-PWH8-CF69
Vulnerability from github – Published: 2022-09-25 00:00 – Updated: 2022-09-29 00:00A null pointer dereference was addressed with improved validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing an image may lead to a denial-of-service.
{
"affected": [],
"aliases": [
"CVE-2022-32785"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-09-23T19:15:00Z",
"severity": "MODERATE"
},
"details": "A null pointer dereference was addressed with improved validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing an image may lead to a denial-of-service.",
"id": "GHSA-xch5-pwh8-cf69",
"modified": "2022-09-29T00:00:27Z",
"published": "2022-09-25T00:00:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32785"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213343"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213344"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213345"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213346"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-56
For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].
Mitigation
Select a programming language that is not susceptible to these issues.
Mitigation
Check the results of all functions that return a value and verify that the value is non-null before acting upon it.
Mitigation
Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Mitigation
Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.
No CAPEC attack patterns related to this CWE.