CWE-476
AllowedNULL Pointer Dereference
Abstraction: Base · Status: Stable
The product dereferences a pointer that it expects to be valid but is NULL.
6310 vulnerabilities reference this CWE, most recent first.
GHSA-6HR8-8X9G-VVM6
Vulnerability from github – Published: 2024-10-21 15:32 – Updated: 2026-05-12 12:32In the Linux kernel, the following vulnerability has been resolved:
nfsd: call cache_put if xdr_reserve_space returns NULL
If not enough buffer space available, but idmap_lookup has triggered lookup_fn which calls cache_get and returns successfully. Then we missed to call cache_put here which pairs with cache_get.
Reviwed-by: Jeff Layton jlayton@kernel.org
{
"affected": [],
"aliases": [
"CVE-2024-47737"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-21T13:15:03Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: call cache_put if xdr_reserve_space returns NULL\n\nIf not enough buffer space available, but idmap_lookup has triggered\nlookup_fn which calls cache_get and returns successfully. Then we\nmissed to call cache_put here which pairs with cache_get.\n\nReviwed-by: Jeff Layton \u003cjlayton@kernel.org\u003e",
"id": "GHSA-6hr8-8x9g-vvm6",
"modified": "2026-05-12T12:32:10Z",
"published": "2024-10-21T15:32:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47737"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-355557.html"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-398330.html"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3e8081ebff12bec1347deaceb6bce0765cce54df"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/81821617312988096f5deccf0f7da6f888e98056"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8d0765f86135e27f0bb5c950c136495719b4c834"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9803ab882d565a8fb2dde5999d98866d1c499dfd"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9f03f0016ff797932551881c7e06ae50e9c39134"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a1afbbb5276f943ad7173d0b4c626b8c75a260da"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c6b16e700cf4d959af524bd9d3978407ff7ce462"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d078cbf5c38de83bc31f83c47dcd2184c04a50c7"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e32ee6a61041925d1a05c14d10352dcfce9ef029"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6J26-JFMQ-HF5R
Vulnerability from github – Published: 2026-01-20 21:31 – Updated: 2026-01-21 15:31NULL pointer dereference in the dacp_reply_playqueueedit_clear function in src/httpd_dacp.c in owntone-server through commit 6d604a1 (newer commit after version 28.12) allows remote attackers to cause a Denial of Service (crash).
{
"affected": [],
"aliases": [
"CVE-2025-57156"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-20T21:16:03Z",
"severity": "HIGH"
},
"details": "NULL pointer dereference in the dacp_reply_playqueueedit_clear function in src/httpd_dacp.c in owntone-server through commit 6d604a1 (newer commit after version 28.12) allows remote attackers to cause a Denial of Service (crash).",
"id": "GHSA-6j26-jfmq-hf5r",
"modified": "2026-01-21T15:31:15Z",
"published": "2026-01-20T21:31:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57156"
},
{
"type": "WEB",
"url": "https://github.com/owntone/owntone-server/issues/1907"
},
{
"type": "WEB",
"url": "https://github.com/owntone/owntone-server/commit/5e4d40ee03ae22ab79534bb1410fa9db96c9fabd"
},
{
"type": "WEB",
"url": "https://github.com/archersec/security-advisories/blob/master/owntone-server/owntone-server-advisory-2025.md"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6J2G-FFVM-V4HW
Vulnerability from github – Published: 2022-05-14 03:32 – Updated: 2022-05-14 03:32The rngapi_reset function in crypto/rng.c in the Linux kernel before 4.2 allows attackers to cause a denial of service (NULL pointer dereference).
{
"affected": [],
"aliases": [
"CVE-2017-15116"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-11-30T18:29:00Z",
"severity": "MODERATE"
},
"details": "The rngapi_reset function in crypto/rng.c in the Linux kernel before 4.2 allows attackers to cause a denial of service (NULL pointer dereference).",
"id": "GHSA-6j2g-ffvm-v4hw",
"modified": "2022-05-14T03:32:25Z",
"published": "2022-05-14T03:32:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15116"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/94f1bb15bed84ad6c893916b7e7b9db6f1d7eec6"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:1062"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2017-15116"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1485815"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1514609"
},
{
"type": "WEB",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=94f1bb15bed84ad6c893916b7e7b9db6f1d7eec6"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6J4X-6364-Q9P3
Vulnerability from github – Published: 2026-05-27 15:33 – Updated: 2026-05-30 12:30In the Linux kernel, the following vulnerability has been resolved:
crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree
Annotating a local pointer variable, which will be assigned with the
kmalloc-family functions, with the __cleanup(kfree) attribute will
make the address of the local variable, rather than the address returned
by kmalloc, passed to kfree directly and lead to a crash due to invalid
deallocation of stack address. According to other places in the repo,
the correct usage should be __free(kfree). The code coincidentally
compiled because the parameter type void * of kfree is compatible with
the desired type struct { ... } **.
{
"affected": [],
"aliases": [
"CVE-2026-45959"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-27T14:17:12Z",
"severity": "HIGH"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp - Fix a crash due to incorrect cleanup usage of kfree\n\nAnnotating a local pointer variable, which will be assigned with the\nkmalloc-family functions, with the `__cleanup(kfree)` attribute will\nmake the address of the local variable, rather than the address returned\nby kmalloc, passed to kfree directly and lead to a crash due to invalid\ndeallocation of stack address. According to other places in the repo,\nthe correct usage should be `__free(kfree)`. The code coincidentally\ncompiled because the parameter type `void *` of kfree is compatible with\nthe desired type `struct { ... } **`.",
"id": "GHSA-6j4x-6364-q9p3",
"modified": "2026-05-30T12:30:23Z",
"published": "2026-05-27T15:33:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45959"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/90f9090e3e744a8fe3bb6fa0e61f577347728b0b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9a3ace9b010ffd8c422c97844ae152f7c53d6b18"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d5abcc33ee76bc26d58b39dc1a097e43a99dd438"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6J8W-8CXV-823Q
Vulnerability from github – Published: 2024-02-13 21:30 – Updated: 2024-02-13 21:30Twister Antivirus v8.17 is vulnerable to a Denial of Service vulnerability by triggering the 0x80112044, 0x8011204B, 0x8011204F, 0x80112057, 0x8011205B, 0x8011205F, 0x80112063, 0x8011206F, 0x80112073, 0x80112077, 0x80112078, 0x8011207C and 0x80112080 IOCTL codes of the fildds.sys driver.
{
"affected": [],
"aliases": [
"CVE-2024-1216"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-13T19:15:09Z",
"severity": "MODERATE"
},
"details": "Twister Antivirus v8.17 is vulnerable to a Denial of Service vulnerability by triggering the 0x80112044, 0x8011204B, 0x8011204F, 0x80112057, 0x8011205B, 0x8011205F, 0x80112063, 0x8011206F, 0x80112073, 0x80112077, 0x80112078, 0x8011207C and 0x80112080 IOCTL codes of the fildds.sys driver.",
"id": "GHSA-6j8w-8cxv-823q",
"modified": "2024-02-13T21:30:29Z",
"published": "2024-02-13T21:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1216"
},
{
"type": "WEB",
"url": "https://fluidattacks.com/advisories/gershwin"
},
{
"type": "WEB",
"url": "http://www.filseclab.com/en-us/products/twister.htm"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6J9Q-V6P5-9P93
Vulnerability from github – Published: 2024-08-22 03:31 – Updated: 2024-08-27 18:31In the Linux kernel, the following vulnerability has been resolved:
thermal: core: Fix TZ_GET_TRIP NULL pointer dereference
Do not call get_trip_hyst() from thermal_genl_cmd_tz_get_trip() if the thermal zone does not define one.
{
"affected": [],
"aliases": [
"CVE-2022-48915"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-22T02:15:05Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: core: Fix TZ_GET_TRIP NULL pointer dereference\n\nDo not call get_trip_hyst() from thermal_genl_cmd_tz_get_trip() if\nthe thermal zone does not define one.",
"id": "GHSA-6j9q-v6p5-9p93",
"modified": "2024-08-27T18:31:35Z",
"published": "2024-08-22T03:31:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48915"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1c0b51e62a50e9291764d022ed44549e65d6ab9c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3dafbf915c05f83469e791949b5590da2aca2afb"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4c294285cec3964b3291772ac0642c2bf440bd1b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5838a14832d447990827d85e90afe17e6fb9c175"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6JC8-H4QW-9892
Vulnerability from github – Published: 2022-05-13 01:28 – Updated: 2025-04-20 03:40libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_unserialize function in archive.c.
{
"affected": [],
"aliases": [
"CVE-2017-11124"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-07-10T03:29:00Z",
"severity": "CRITICAL"
},
"details": "libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_unserialize function in archive.c.",
"id": "GHSA-6jc8-h4qw-9892",
"modified": "2025-04-20T03:40:29Z",
"published": "2022-05-13T01:28:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11124"
},
{
"type": "WEB",
"url": "https://blogs.gentoo.org/ago/2017/06/28/xar-null-pointer-dereference-in-xar_unserialize-archive-c"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2S2KRIILUKBJHXDNYJQQX74TFUQRG5ND"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YV6RF6VWM7AFYFTTS7VY5TNH26QUEEFC"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2S2KRIILUKBJHXDNYJQQX74TFUQRG5ND"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YV6RF6VWM7AFYFTTS7VY5TNH26QUEEFC"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6JF3-P3MX-V587
Vulnerability from github – Published: 2024-10-03 18:30 – Updated: 2024-10-03 18:30NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause a NULL pointer dereference by running nvdisasm on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service.
{
"affected": [],
"aliases": [
"CVE-2024-0125"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-03T17:15:14Z",
"severity": "LOW"
},
"details": "NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause a NULL pointer dereference by running nvdisasm on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service.",
"id": "GHSA-6jf3-p3mx-v587",
"modified": "2024-10-03T18:30:36Z",
"published": "2024-10-03T18:30:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0125"
},
{
"type": "WEB",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5577"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-6JFC-JG7W-JC55
Vulnerability from github – Published: 2024-12-27 15:31 – Updated: 2025-11-03 21:31In the Linux kernel, the following vulnerability has been resolved:
media: ts2020: fix null-ptr-deref in ts2020_probe()
KASAN reported a null-ptr-deref issue when executing the following command:
# echo ts2020 0x20 > /sys/bus/i2c/devices/i2c-0/new_device KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017] CPU: 53 UID: 0 PID: 970 Comm: systemd-udevd Not tainted 6.12.0-rc2+ #24 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009) RIP: 0010:ts2020_probe+0xad/0xe10 [ts2020] RSP: 0018:ffffc9000abbf598 EFLAGS: 00010202 RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffffc0714809 RDX: 0000000000000002 RSI: ffff88811550be00 RDI: 0000000000000010 RBP: ffff888109868800 R08: 0000000000000001 R09: fffff52001577eb6 R10: 0000000000000000 R11: ffffc9000abbff50 R12: ffffffffc0714790 R13: 1ffff92001577eb8 R14: ffffffffc07190d0 R15: 0000000000000001 FS: 00007f95f13b98c0(0000) GS:ffff888149280000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000555d2634b000 CR3: 0000000152236000 CR4: 00000000000006f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: ts2020_probe+0xad/0xe10 [ts2020] i2c_device_probe+0x421/0xb40 really_probe+0x266/0x850 ...
The cause of the problem is that when using sysfs to dynamically register an i2c device, there is no platform data, but the probe process of ts2020 needs to use platform data, resulting in a null pointer being accessed.
Solve this problem by adding checks to platform data.
{
"affected": [],
"aliases": [
"CVE-2024-56574"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-27T15:15:16Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: ts2020: fix null-ptr-deref in ts2020_probe()\n\nKASAN reported a null-ptr-deref issue when executing the following\ncommand:\n\n # echo ts2020 0x20 \u003e /sys/bus/i2c/devices/i2c-0/new_device\n KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]\n CPU: 53 UID: 0 PID: 970 Comm: systemd-udevd Not tainted 6.12.0-rc2+ #24\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009)\n RIP: 0010:ts2020_probe+0xad/0xe10 [ts2020]\n RSP: 0018:ffffc9000abbf598 EFLAGS: 00010202\n RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffffc0714809\n RDX: 0000000000000002 RSI: ffff88811550be00 RDI: 0000000000000010\n RBP: ffff888109868800 R08: 0000000000000001 R09: fffff52001577eb6\n R10: 0000000000000000 R11: ffffc9000abbff50 R12: ffffffffc0714790\n R13: 1ffff92001577eb8 R14: ffffffffc07190d0 R15: 0000000000000001\n FS: 00007f95f13b98c0(0000) GS:ffff888149280000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000555d2634b000 CR3: 0000000152236000 CR4: 00000000000006f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ts2020_probe+0xad/0xe10 [ts2020]\n i2c_device_probe+0x421/0xb40\n really_probe+0x266/0x850\n ...\n\nThe cause of the problem is that when using sysfs to dynamically register\nan i2c device, there is no platform data, but the probe process of ts2020\nneeds to use platform data, resulting in a null pointer being accessed.\n\nSolve this problem by adding checks to platform data.",
"id": "GHSA-6jfc-jg7w-jc55",
"modified": "2025-11-03T21:31:51Z",
"published": "2024-12-27T15:31:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56574"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4a058b34b52ed3feb1f3ff6fd26aefeeeed20cba"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5a53f97cd5977911850b695add057f9965c1a2d6"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/901070571bc191d1d8d7a1379bc5ba9446200999"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a2ed3b780f34e4a6403064208bc2c99d1ed85026"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b6208d1567f929105011bcdfd738f59a6bdc1088"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ced1c04e82e3ecc246b921b9733f0df0866aa50d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/dc03866b5f4aa2668946f8384a1e5286ae53bbaa"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6JG4-5JM4-569Q
Vulnerability from github – Published: 2022-08-07 00:00 – Updated: 2022-08-11 00:00Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow an exportXFAData NULL pointer dereference.
{
"affected": [],
"aliases": [
"CVE-2022-27944"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-08-06T20:15:00Z",
"severity": "HIGH"
},
"details": "Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow an exportXFAData NULL pointer dereference.",
"id": "GHSA-6jg4-5jm4-569q",
"modified": "2022-08-11T00:00:14Z",
"published": "2022-08-07T00:00:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27944"
},
{
"type": "WEB",
"url": "https://drive.google.com/file/d/1hNjladTTP3tq7TL2Au5pdMI4nfJkUEvU/view?usp=sharing"
},
{
"type": "WEB",
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-56
For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].
Mitigation
Select a programming language that is not susceptible to these issues.
Mitigation
Check the results of all functions that return a value and verify that the value is non-null before acting upon it.
Mitigation
Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Mitigation
Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.
No CAPEC attack patterns related to this CWE.