CWE-476
AllowedNULL Pointer Dereference
Abstraction: Base · Status: Stable
The product dereferences a pointer that it expects to be valid but is NULL.
6305 vulnerabilities reference this CWE, most recent first.
GHSA-64F5-82GF-FV64
Vulnerability from github – Published: 2025-10-04 18:31 – Updated: 2026-01-22 21:33In the Linux kernel, the following vulnerability has been resolved:
media: coda: Add check for dcoda_iram_alloc
As the coda_iram_alloc may return NULL pointer, it should be better to check the return value in order to avoid NULL poineter dereference, same as the others.
{
"affected": [],
"aliases": [
"CVE-2022-50501"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-04T16:15:47Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: coda: Add check for dcoda_iram_alloc\n\nAs the coda_iram_alloc may return NULL pointer,\nit should be better to check the return value\nin order to avoid NULL poineter dereference,\nsame as the others.",
"id": "GHSA-64f5-82gf-fv64",
"modified": "2026-01-22T21:33:43Z",
"published": "2025-10-04T18:31:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50501"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/05f165ded4a7baec31b65aba88e2cd1fb9b91db2"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2b436f1410245412ea5e4c356a175a928d73eed3"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2c6887d5a29024bada6928d1d0959c9990401384"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/35ddd00b36589cf948875b825eedaab1aefd5ad5"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/45f57abaee136a1e39d2b04443a1bd5311ba7d94"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/532417dc98cb9c1185ada4ea4e7ccf965c06bcb5"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5688d33aa293dfa122d66bef9c0258ddf7ef11e7"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6b8082238fb8bb20f67e46388123e67a5bbc558d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b99872178e7473f21904fdeea38109275aad8ae8"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-64FR-FJ38-R253
Vulnerability from github – Published: 2025-10-01 12:30 – Updated: 2026-01-23 03:30In the Linux kernel, the following vulnerability has been resolved:
ACPI: processor: Check for null return of devm_kzalloc() in fch_misc_setup()
devm_kzalloc() may fail, clk_data->name might be NULL and will cause a NULL pointer dereference later.
[ rjw: Subject and changelog edits ]
{
"affected": [],
"aliases": [
"CVE-2023-53483"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-01T12:15:51Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: processor: Check for null return of devm_kzalloc() in fch_misc_setup()\n\ndevm_kzalloc() may fail, clk_data-\u003ename might be NULL and will\ncause a NULL pointer dereference later.\n\n[ rjw: Subject and changelog edits ]",
"id": "GHSA-64fr-fj38-r253",
"modified": "2026-01-23T03:30:29Z",
"published": "2025-10-01T12:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53483"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4dea41775d951ff1f7b472a346a8ca3ae7e74455"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/79ca94bc3e8cc3befa883c7d30b30a27ef0ea386"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8a632ff6a2bea49993002b4c46092a2aea625840"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-64G3-CJ3G-3566
Vulnerability from github – Published: 2022-05-13 01:31 – Updated: 2022-05-13 01:31A NULL pointer dereference was discovered in newVar3 in util/decompile.c in libming 0.4.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
{
"affected": [],
"aliases": [
"CVE-2018-7866"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-03-08T18:29:00Z",
"severity": "MODERATE"
},
"details": "A NULL pointer dereference was discovered in newVar3 in util/decompile.c in libming 0.4.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.",
"id": "GHSA-64g3-cj3g-3566",
"modified": "2022-05-13T01:31:09Z",
"published": "2022-05-13T01:31:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7866"
},
{
"type": "WEB",
"url": "https://github.com/libming/libming/issues/118"
},
{
"type": "WEB",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892260"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00017.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/47KZ5RYWQMBN5DVDITBVRDNDCSFNBJ3V"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CQNIJH5EQV2D6KEFGY2467ZS4I7TZLXP"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LBFCINUX3XXAPPH77OH6NKACBPFBQXXW"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-64GC-VJFP-Q9CJ
Vulnerability from github – Published: 2025-02-13 00:33 – Updated: 2025-02-14 18:30An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The absence of a null check leads to a Denial of Service at amdgpu_cs_parser_bos in the Xclipse Driver.
{
"affected": [],
"aliases": [
"CVE-2024-46922"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-12T22:15:39Z",
"severity": "HIGH"
},
"details": "An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The absence of a null check leads to a Denial of Service at amdgpu_cs_parser_bos in the Xclipse Driver.",
"id": "GHSA-64gc-vjfp-q9cj",
"modified": "2025-02-14T18:30:49Z",
"published": "2025-02-13T00:33:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46922"
},
{
"type": "WEB",
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-64JG-WJWW-7C5W
Vulnerability from github – Published: 2023-03-24 21:58 – Updated: 2023-03-27 21:58Impact
When ctx->step_containter() is a null ptr, the Lookup function will be executed with a null pointer.
import tensorflow as tf
tf.raw_ops.TensorArrayConcatV2(handle=['a', 'b'], flow_in = 0.1, dtype=tf.int32, element_shape_except0=1)
Patches
We have patched the issue in GitHub commit 239139d2ae6a81ae9ba499ad78b56d9b2931538a.
The fix will be included in TensorFlow 2.12.0. We will also cherrypick this commit on TensorFlow 2.11.1
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by Yu Tian
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.11.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.11.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.11.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-25663"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": true,
"github_reviewed_at": "2023-03-24T21:58:15Z",
"nvd_published_at": "2023-03-25T00:15:00Z",
"severity": "HIGH"
},
"details": "### Impact\nWhen ctx-\u003estep_containter() is a null ptr, the Lookup function will be executed with a null pointer.\n```python\nimport tensorflow as tf\ntf.raw_ops.TensorArrayConcatV2(handle=[\u0027a\u0027, \u0027b\u0027], flow_in = 0.1, dtype=tf.int32, element_shape_except0=1)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [239139d2ae6a81ae9ba499ad78b56d9b2931538a](https://github.com/tensorflow/tensorflow/commit/239139d2ae6a81ae9ba499ad78b56d9b2931538a).\n\nThe fix will be included in TensorFlow 2.12.0. We will also cherrypick this commit on TensorFlow 2.11.1\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by Yu Tian",
"id": "GHSA-64jg-wjww-7c5w",
"modified": "2023-03-27T21:58:55Z",
"published": "2023-03-24T21:58:15Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-64jg-wjww-7c5w"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25663"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/commit/239139d2ae6a81ae9ba499ad78b56d9b2931538a"
},
{
"type": "PACKAGE",
"url": "https://github.com/tensorflow/tensorflow"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "TensorFlow has Null Pointer Error in TensorArrayConcatV2"
}
GHSA-64PP-R5X2-FGFF
Vulnerability from github – Published: 2022-05-13 01:46 – Updated: 2022-05-13 01:46An issue was discovered in St. Jude Medical Merlin@home, versions prior to Version 8.2.2 (RF models: EX1150; Inductive models: EX1100; and Inductive models: EX1100 with MerlinOnDemand capability). The identities of the endpoints for the communication channel between the transmitter and St. Jude Medical's web site, Merlin.net, are not verified. This may allow a man-in-the-middle attacker to access or influence communications between the identified endpoints.
{
"affected": [],
"aliases": [
"CVE-2017-5149"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-02-13T22:59:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in St. Jude Medical Merlin@home, versions prior to Version 8.2.2 (RF models: EX1150; Inductive models: EX1100; and Inductive models: EX1100 with MerlinOnDemand capability). The identities of the endpoints for the communication channel between the transmitter and St. Jude Medical\u0027s web site, Merlin.net, are not verified. This may allow a man-in-the-middle attacker to access or influence communications between the identified endpoints.",
"id": "GHSA-64pp-r5x2-fgff",
"modified": "2022-05-13T01:46:01Z",
"published": "2022-05-13T01:46:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5149"
},
{
"type": "WEB",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-17-009-01A"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/95331"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-64Q4-MWRQ-4JHH
Vulnerability from github – Published: 2022-07-27 00:00 – Updated: 2022-07-29 00:00An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_print() in mjs.c.
{
"affected": [],
"aliases": [
"CVE-2021-33447"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-26T13:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_print() in mjs.c.",
"id": "GHSA-64q4-mwrq-4jhh",
"modified": "2022-07-29T00:00:25Z",
"published": "2022-07-27T00:00:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33447"
},
{
"type": "WEB",
"url": "https://github.com/cesanta/mjs/issues/164"
},
{
"type": "WEB",
"url": "https://gist.github.com/Clingto/bb632c0c463f4b2c97e4f65f751c5e6d"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-64Q7-7V79-HM2J
Vulnerability from github – Published: 2024-12-10 21:30 – Updated: 2024-12-10 21:30InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial of service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
{
"affected": [],
"aliases": [
"CVE-2024-53952"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-10T21:15:20Z",
"severity": "MODERATE"
},
"details": "InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial of service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
"id": "GHSA-64q7-7v79-hm2j",
"modified": "2024-12-10T21:30:53Z",
"published": "2024-12-10T21:30:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53952"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/indesign/apsb24-97.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-64QJ-9HXC-X9RC
Vulnerability from github – Published: 2024-09-13 06:30 – Updated: 2025-11-04 00:31In the Linux kernel, the following vulnerability has been resolved:
gtp: fix a potential NULL pointer dereference
When sockfd_lookup() fails, gtp_encap_enable_socket() returns a NULL pointer, but its callers only check for error pointers thus miss the NULL pointer case.
Fix it by returning an error pointer with the error code carried from sockfd_lookup().
(I found this bug during code inspection.)
{
"affected": [],
"aliases": [
"CVE-2024-46677"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-13T06:15:12Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: fix a potential NULL pointer dereference\n\nWhen sockfd_lookup() fails, gtp_encap_enable_socket() returns a\nNULL pointer, but its callers only check for error pointers thus miss\nthe NULL pointer case.\n\nFix it by returning an error pointer with the error code carried from\nsockfd_lookup().\n\n(I found this bug during code inspection.)",
"id": "GHSA-64qj-9hxc-x9rc",
"modified": "2025-11-04T00:31:23Z",
"published": "2024-09-13T06:30:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46677"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/28c67f0f84f889fe9f4cbda8354132b20dc9212d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4643b91691e969b1b9ad54bf552d7a990cfa3b87"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/612edd35f2a3910ab1f61c1f2338889d4ba99fa2"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/620fe9809752fae91b4190e897b81ed9976dfb39"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8bbb9e4e0e66a39282e582d0440724055404b38c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/bdd99e5f0ad5fa727b16f2101fe880aa2bff2f8e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/defd8b3c37b0f9cb3e0f60f47d3d78d459d57fda"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e8b9930b0eb045d19e883c65ff9676fc89320c70"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-64QW-H683-JG2M
Vulnerability from github – Published: 2025-09-18 18:30 – Updated: 2025-12-11 15:30In the Linux kernel, the following vulnerability has been resolved:
drivers/md/md-bitmap: check the return value of md_bitmap_get_counter()
Check the return value of md_bitmap_get_counter() in case it returns NULL pointer, which will result in a null pointer dereference.
v2: update the check to include other dereference
{
"affected": [],
"aliases": [
"CVE-2022-50402"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-18T16:15:43Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/md/md-bitmap: check the return value of md_bitmap_get_counter()\n\nCheck the return value of md_bitmap_get_counter() in case it returns\nNULL pointer, which will result in a null pointer dereference.\n\nv2: update the check to include other dereference",
"id": "GHSA-64qw-h683-jg2m",
"modified": "2025-12-11T15:30:30Z",
"published": "2025-09-18T18:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50402"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/100caacfa0ed26e061954c90cdc835d42f709536"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/21e9aac9a74d30907d44bae0d24c036cb3819406"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3bd548e5b819b8c0f2c9085de775c5c7bff9052f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5d8d046f3dba939e74e2414f009df426700430ed"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/99bef41f8e8d1d52b5cb34f2f193f1346192752b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b621d17fe8b079574c773800148fb86907f3445d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ff3b7e12bc9f50de05c9d82b5b79e23e5be888f1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-56
For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].
Mitigation
Select a programming language that is not susceptible to these issues.
Mitigation
Check the results of all functions that return a value and verify that the value is non-null before acting upon it.
Mitigation
Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Mitigation
Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.
No CAPEC attack patterns related to this CWE.