Common Weakness Enumeration

CWE-476

Allowed

NULL Pointer Dereference

Abstraction: Base · Status: Stable

The product dereferences a pointer that it expects to be valid but is NULL.

6310 vulnerabilities reference this CWE, most recent first.

GHSA-55RR-66HR-8MRJ

Vulnerability from github – Published: 2022-05-24 16:46 – Updated: 2022-05-24 16:46
VLAI
Details

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-7076"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-05-24T19:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .",
  "id": "GHSA-55rr-66hr-8mrj",
  "modified": "2022-05-24T16:46:44Z",
  "published": "2022-05-24T16:46:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7076"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-07.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-55VR-XGPV-57CG

Vulnerability from github – Published: 2022-05-13 01:28 – Updated: 2022-05-13 01:28
VLAI
Details

An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadCINEONImage in coders/cineon.c, which allows attackers to cause a denial of service via a crafted file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-18230"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-03-14T02:29:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadCINEONImage in coders/cineon.c, which allows attackers to cause a denial of service via a crafted file.",
  "id": "GHSA-55vr-xgpv-57cg",
  "modified": "2022-05-13T01:28:30Z",
  "published": "2022-05-13T01:28:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18230"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00025.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "https://sourceforge.net/p/graphicsmagick/bugs/473"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4266-1"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2018/dsa-4321"
    },
    {
      "type": "WEB",
      "url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/53a4d841e90f"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-55XQ-CFX2-8GPG

Vulnerability from github – Published: 2022-05-14 03:58 – Updated: 2022-05-14 03:58
VLAI
Details

The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2015-8926"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-09-20T14:15:00Z",
    "severity": "MODERATE"
  },
  "details": "The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive.",
  "id": "GHSA-55xq-cfx2-8gpg",
  "modified": "2022-05-14T03:58:19Z",
  "published": "2022-05-14T03:58:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8926"
    },
    {
      "type": "WEB",
      "url": "https://github.com/libarchive/libarchive/issues/518"
    },
    {
      "type": "WEB",
      "url": "https://blog.fuzzing-project.org/47-Many-invalid-memory-access-issues-in-libarchive.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201701-03"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00025.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1844.html"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2016/dsa-3657"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2016/06/17/2"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2016/06/17/5"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/91304"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-3033-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-562R-PP42-GQC3

Vulnerability from github – Published: 2022-05-24 19:06 – Updated: 2022-05-24 19:06
VLAI
Details

An issue was discovered in ACRN before 2.5. It allows a devicemodel/hw/pci/virtio/virtio_net.c virtio_net_ping_rxq NULL pointer dereference for vq->used.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-36147"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-07-02T22:15:00Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in ACRN before 2.5. It allows a devicemodel/hw/pci/virtio/virtio_net.c virtio_net_ping_rxq NULL pointer dereference for vq-\u003eused.",
  "id": "GHSA-562r-pp42-gqc3",
  "modified": "2022-05-24T19:06:54Z",
  "published": "2022-05-24T19:06:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36147"
    },
    {
      "type": "WEB",
      "url": "https://github.com/projectacrn/acrn-hypervisor/pull/6121/commits/131116b15b0e35a62085d23686b43ed1c12c1331"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-5652-4J93-XHG6

Vulnerability from github – Published: 2024-12-24 12:30 – Updated: 2025-11-03 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

clk: clk-apple-nco: Add NULL check in applnco_probe

Add NULL check in applnco_probe, to handle kernel NULL pointer dereference error.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-53154"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-24T12:15:23Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: clk-apple-nco: Add NULL check in applnco_probe\n\nAdd NULL check in applnco_probe, to handle kernel NULL pointer\ndereference error.",
  "id": "GHSA-5652-4j93-xhg6",
  "modified": "2025-11-03T21:31:45Z",
  "published": "2024-12-24T12:30:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53154"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/066c14619e8379c1bafbbf8196fd38eac303472b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/534e02f83889ccef5fe6beb46e773ab9d4ae1655"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/72ea9a7e9e260aa39f9d1c9254cf92adfb05c4f5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/969c765e2b508cca9099d246c010a1e48dcfd089"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9a5905b725739af6a105f9e564e7c80d69969d2b"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5659-626R-MFVX

Vulnerability from github – Published: 2025-04-16 15:34 – Updated: 2026-07-14 15:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

thermal: int340x: Add NULL check for adev

Not all devices have an ACPI companion fwnode, so adev might be NULL. This is similar to the commit cd2fd6eab480 ("platform/x86: int3472: Check for adev == NULL").

Add a check for adev not being set and return -ENODEV in that case to avoid a possible NULL pointer deref in int3402_thermal_probe().

Note, under the same directory, int3400_thermal_probe() has such a check.

[ rjw: Subject edit, added Fixes: ]

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-23136"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-16T15:16:07Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: int340x: Add NULL check for adev\n\nNot all devices have an ACPI companion fwnode, so adev might be NULL.\nThis is similar to the commit cd2fd6eab480\n(\"platform/x86: int3472: Check for adev == NULL\").\n\nAdd a check for adev not being set and return -ENODEV in that case to\navoid a possible NULL pointer deref in int3402_thermal_probe().\n\nNote, under the same directory, int3400_thermal_probe() has such a\ncheck.\n\n[ rjw: Subject edit, added Fixes: ]",
  "id": "GHSA-5659-626r-mfvx",
  "modified": "2026-07-14T15:31:21Z",
  "published": "2025-04-16T15:34:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23136"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-019113.html"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0c49f12c77b77a706fd41370c11910635e491845"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2542a3f70e563a9e70e7ded314286535a3321bdb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3155d5261b518776d1b807d9d922669991bbee56"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6a810c462f099353e908c70619638884cb82229c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8e8f1ddf4186731649df8bc9646017369eb19186"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/953d28a4f459fcbde2d08f51aeca19d6b0f179f3"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ac2eb7378319e3836cdf3a2c15a0bdf04c50e81d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bc7b5f782d28942dbdfda70df30ce132694a06de"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d0d21c8e44216fa9afdb3809edf213f3c0a8c060"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-565F-CR27-P63X

Vulnerability from github – Published: 2024-08-17 12:30 – Updated: 2025-11-04 00:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

media: v4l: async: Fix NULL pointer dereference in adding ancillary links

In v4l2_async_create_ancillary_links(), ancillary links are created for lens and flash sub-devices. These are sub-device to sub-device links and if the async notifier is related to a V4L2 device, the source sub-device of the ancillary link is NULL, leading to a NULL pointer dereference. Check the notifier's sd field is non-NULL in v4l2_async_create_ancillary_links().

[Sakari Ailus: Reword the subject and commit messages slightly.]

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-43833"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-17T10:15:09Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: v4l: async: Fix NULL pointer dereference in adding ancillary links\n\nIn v4l2_async_create_ancillary_links(), ancillary links are created for\nlens and flash sub-devices. These are sub-device to sub-device links and\nif the async notifier is related to a V4L2 device, the source sub-device\nof the ancillary link is NULL, leading to a NULL pointer dereference.\nCheck the notifier\u0027s sd field is non-NULL in\nv4l2_async_create_ancillary_links().\n\n[Sakari Ailus: Reword the subject and commit messages slightly.]",
  "id": "GHSA-565f-cr27-p63x",
  "modified": "2025-11-04T00:31:15Z",
  "published": "2024-08-17T12:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43833"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/249212ceb4187783af3801c57b92a5a25d410621"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9b4667ea67854f0b116fe22ad11ef5628c5b5b5f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b87e28050d9b0959de24574d587825cfab2f13fb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fe0f92fd5320b393e44ca210805e653ea90cc982"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-565M-5C74-6H7V

Vulnerability from github – Published: 2022-05-24 17:02 – Updated: 2022-05-24 17:02
VLAI
Details

SQLite 3.30.1 mishandles pExpr->y.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-19242"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-11-27T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "SQLite 3.30.1 mishandles pExpr-\u003ey.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c.",
  "id": "GHSA-565m-5c74-6h7v",
  "modified": "2022-05-24T17:02:19Z",
  "published": "2022-05-24T17:02:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19242"
    },
    {
      "type": "WEB",
      "url": "https://github.com/sqlite/sqlite/commit/57f7ece78410a8aae86aa4625fb7556897db384c"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4205-1"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-566M-3PVX-3XVX

Vulnerability from github – Published: 2022-05-24 19:10 – Updated: 2022-05-24 19:10
VLAI
Details

The gf_media_export_filters function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-32438"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-11T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "The gf_media_export_filters function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.",
  "id": "GHSA-566m-3pvx-3xvx",
  "modified": "2022-05-24T19:10:40Z",
  "published": "2022-05-24T19:10:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32438"
    },
    {
      "type": "WEB",
      "url": "https://github.com/gpac/gpac/issues/1769"
    },
    {
      "type": "WEB",
      "url": "https://github.com/gpac/gpac/commit/00194f5fe462123f70b0bae7987317b52898b868"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-568W-PXMX-PG4M

Vulnerability from github – Published: 2022-05-24 17:41 – Updated: 2022-06-10 00:00
VLAI
Details

In Epson iProjection v2.30, the driver file EMP_MPAU.sys allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402406 and IOCtl 0x9C40240A. (0x9C402402 has only a NULL pointer dereference.) This affects \Device\EMPMPAUIO and \DosDevices\EMPMPAU.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-9453"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-02-05T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In Epson iProjection v2.30, the driver file EMP_MPAU.sys allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402406 and IOCtl 0x9C40240A. (0x9C402402 has only a NULL pointer dereference.) This affects \\Device\\EMPMPAUIO and \\DosDevices\\EMPMPAU.",
  "id": "GHSA-568w-pxmx-pg4m",
  "modified": "2022-06-10T00:00:59Z",
  "published": "2022-05-24T17:41:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9453"
    },
    {
      "type": "WEB",
      "url": "https://epson.com"
    },
    {
      "type": "WEB",
      "url": "https://epson.com/Support/wa00936"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FULLSHADE/Kernel-exploits"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FULLSHADE/Kernel-exploits/tree/master/EMP_MPAU.sys"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-56
Implementation

For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].

Mitigation
Requirements

Select a programming language that is not susceptible to these issues.

Mitigation
Implementation

Check the results of all functions that return a value and verify that the value is non-null before acting upon it.

Mitigation
Architecture and Design

Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.

Mitigation
Implementation

Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.

No CAPEC attack patterns related to this CWE.