Common Weakness Enumeration

CWE-476

Allowed

NULL Pointer Dereference

Abstraction: Base · Status: Stable

The product dereferences a pointer that it expects to be valid but is NULL.

6310 vulnerabilities reference this CWE, most recent first.

GHSA-6HR8-8X9G-VVM6

Vulnerability from github – Published: 2024-10-21 15:32 – Updated: 2026-05-12 12:32
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

nfsd: call cache_put if xdr_reserve_space returns NULL

If not enough buffer space available, but idmap_lookup has triggered lookup_fn which calls cache_get and returns successfully. Then we missed to call cache_put here which pairs with cache_get.

Reviwed-by: Jeff Layton jlayton@kernel.org

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-47737"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-21T13:15:03Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: call cache_put if xdr_reserve_space returns NULL\n\nIf not enough buffer space available, but idmap_lookup has triggered\nlookup_fn which calls cache_get and returns successfully. Then we\nmissed to call cache_put here which pairs with cache_get.\n\nReviwed-by: Jeff Layton \u003cjlayton@kernel.org\u003e",
  "id": "GHSA-6hr8-8x9g-vvm6",
  "modified": "2026-05-12T12:32:10Z",
  "published": "2024-10-21T15:32:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47737"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-355557.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-398330.html"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3e8081ebff12bec1347deaceb6bce0765cce54df"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/81821617312988096f5deccf0f7da6f888e98056"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8d0765f86135e27f0bb5c950c136495719b4c834"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9803ab882d565a8fb2dde5999d98866d1c499dfd"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9f03f0016ff797932551881c7e06ae50e9c39134"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a1afbbb5276f943ad7173d0b4c626b8c75a260da"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c6b16e700cf4d959af524bd9d3978407ff7ce462"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d078cbf5c38de83bc31f83c47dcd2184c04a50c7"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e32ee6a61041925d1a05c14d10352dcfce9ef029"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6J26-JFMQ-HF5R

Vulnerability from github – Published: 2026-01-20 21:31 – Updated: 2026-01-21 15:31
VLAI
Details

NULL pointer dereference in the dacp_reply_playqueueedit_clear function in src/httpd_dacp.c in owntone-server through commit 6d604a1 (newer commit after version 28.12) allows remote attackers to cause a Denial of Service (crash).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-57156"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-20T21:16:03Z",
    "severity": "HIGH"
  },
  "details": "NULL pointer dereference in the dacp_reply_playqueueedit_clear function in src/httpd_dacp.c in owntone-server through commit 6d604a1 (newer commit after version 28.12) allows remote attackers to cause a Denial of Service (crash).",
  "id": "GHSA-6j26-jfmq-hf5r",
  "modified": "2026-01-21T15:31:15Z",
  "published": "2026-01-20T21:31:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57156"
    },
    {
      "type": "WEB",
      "url": "https://github.com/owntone/owntone-server/issues/1907"
    },
    {
      "type": "WEB",
      "url": "https://github.com/owntone/owntone-server/commit/5e4d40ee03ae22ab79534bb1410fa9db96c9fabd"
    },
    {
      "type": "WEB",
      "url": "https://github.com/archersec/security-advisories/blob/master/owntone-server/owntone-server-advisory-2025.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6J2G-FFVM-V4HW

Vulnerability from github – Published: 2022-05-14 03:32 – Updated: 2022-05-14 03:32
VLAI
Details

The rngapi_reset function in crypto/rng.c in the Linux kernel before 4.2 allows attackers to cause a denial of service (NULL pointer dereference).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-15116"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-11-30T18:29:00Z",
    "severity": "MODERATE"
  },
  "details": "The rngapi_reset function in crypto/rng.c in the Linux kernel before 4.2 allows attackers to cause a denial of service (NULL pointer dereference).",
  "id": "GHSA-6j2g-ffvm-v4hw",
  "modified": "2022-05-14T03:32:25Z",
  "published": "2022-05-14T03:32:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15116"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/94f1bb15bed84ad6c893916b7e7b9db6f1d7eec6"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:0676"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:1062"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2017-15116"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1485815"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1514609"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=94f1bb15bed84ad6c893916b7e7b9db6f1d7eec6"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6J4X-6364-Q9P3

Vulnerability from github – Published: 2026-05-27 15:33 – Updated: 2026-05-30 12:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree

Annotating a local pointer variable, which will be assigned with the kmalloc-family functions, with the __cleanup(kfree) attribute will make the address of the local variable, rather than the address returned by kmalloc, passed to kfree directly and lead to a crash due to invalid deallocation of stack address. According to other places in the repo, the correct usage should be __free(kfree). The code coincidentally compiled because the parameter type void * of kfree is compatible with the desired type struct { ... } **.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-45959"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-27T14:17:12Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp - Fix a crash due to incorrect cleanup usage of kfree\n\nAnnotating a local pointer variable, which will be assigned with the\nkmalloc-family functions, with the `__cleanup(kfree)` attribute will\nmake the address of the local variable, rather than the address returned\nby kmalloc, passed to kfree directly and lead to a crash due to invalid\ndeallocation of stack address. According to other places in the repo,\nthe correct usage should be `__free(kfree)`. The code coincidentally\ncompiled because the parameter type `void *` of kfree is compatible with\nthe desired type `struct { ... } **`.",
  "id": "GHSA-6j4x-6364-q9p3",
  "modified": "2026-05-30T12:30:23Z",
  "published": "2026-05-27T15:33:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45959"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/90f9090e3e744a8fe3bb6fa0e61f577347728b0b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9a3ace9b010ffd8c422c97844ae152f7c53d6b18"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d5abcc33ee76bc26d58b39dc1a097e43a99dd438"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6J8W-8CXV-823Q

Vulnerability from github – Published: 2024-02-13 21:30 – Updated: 2024-02-13 21:30
VLAI
Details

Twister Antivirus v8.17 is vulnerable to a Denial of Service vulnerability by triggering the 0x80112044, 0x8011204B, 0x8011204F, 0x80112057, 0x8011205B, 0x8011205F, 0x80112063, 0x8011206F, 0x80112073, 0x80112077, 0x80112078, 0x8011207C and 0x80112080 IOCTL codes of the fildds.sys driver.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-1216"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-13T19:15:09Z",
    "severity": "MODERATE"
  },
  "details": "Twister Antivirus v8.17 is vulnerable to a Denial of Service vulnerability by triggering the 0x80112044, 0x8011204B, 0x8011204F, 0x80112057, 0x8011205B, 0x8011205F, 0x80112063, 0x8011206F, 0x80112073, 0x80112077, 0x80112078, 0x8011207C and 0x80112080 IOCTL codes of the fildds.sys driver.",
  "id": "GHSA-6j8w-8cxv-823q",
  "modified": "2024-02-13T21:30:29Z",
  "published": "2024-02-13T21:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1216"
    },
    {
      "type": "WEB",
      "url": "https://fluidattacks.com/advisories/gershwin"
    },
    {
      "type": "WEB",
      "url": "http://www.filseclab.com/en-us/products/twister.htm"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6J9Q-V6P5-9P93

Vulnerability from github – Published: 2024-08-22 03:31 – Updated: 2024-08-27 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

thermal: core: Fix TZ_GET_TRIP NULL pointer dereference

Do not call get_trip_hyst() from thermal_genl_cmd_tz_get_trip() if the thermal zone does not define one.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-48915"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-22T02:15:05Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: core: Fix TZ_GET_TRIP NULL pointer dereference\n\nDo not call get_trip_hyst() from thermal_genl_cmd_tz_get_trip() if\nthe thermal zone does not define one.",
  "id": "GHSA-6j9q-v6p5-9p93",
  "modified": "2024-08-27T18:31:35Z",
  "published": "2024-08-22T03:31:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48915"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1c0b51e62a50e9291764d022ed44549e65d6ab9c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3dafbf915c05f83469e791949b5590da2aca2afb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4c294285cec3964b3291772ac0642c2bf440bd1b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5838a14832d447990827d85e90afe17e6fb9c175"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6JC8-H4QW-9892

Vulnerability from github – Published: 2022-05-13 01:28 – Updated: 2025-04-20 03:40
VLAI
Details

libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_unserialize function in archive.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-11124"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-07-10T03:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_unserialize function in archive.c.",
  "id": "GHSA-6jc8-h4qw-9892",
  "modified": "2025-04-20T03:40:29Z",
  "published": "2022-05-13T01:28:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11124"
    },
    {
      "type": "WEB",
      "url": "https://blogs.gentoo.org/ago/2017/06/28/xar-null-pointer-dereference-in-xar_unserialize-archive-c"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2S2KRIILUKBJHXDNYJQQX74TFUQRG5ND"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YV6RF6VWM7AFYFTTS7VY5TNH26QUEEFC"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2S2KRIILUKBJHXDNYJQQX74TFUQRG5ND"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YV6RF6VWM7AFYFTTS7VY5TNH26QUEEFC"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6JF3-P3MX-V587

Vulnerability from github – Published: 2024-10-03 18:30 – Updated: 2024-10-03 18:30
VLAI
Details

NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause a NULL pointer dereference by running nvdisasm on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-0125"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-03T17:15:14Z",
    "severity": "LOW"
  },
  "details": "NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause a NULL pointer dereference by running nvdisasm on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service.",
  "id": "GHSA-6jf3-p3mx-v587",
  "modified": "2024-10-03T18:30:36Z",
  "published": "2024-10-03T18:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0125"
    },
    {
      "type": "WEB",
      "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5577"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6JFC-JG7W-JC55

Vulnerability from github – Published: 2024-12-27 15:31 – Updated: 2025-11-03 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

media: ts2020: fix null-ptr-deref in ts2020_probe()

KASAN reported a null-ptr-deref issue when executing the following command:

# echo ts2020 0x20 > /sys/bus/i2c/devices/i2c-0/new_device KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017] CPU: 53 UID: 0 PID: 970 Comm: systemd-udevd Not tainted 6.12.0-rc2+ #24 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009) RIP: 0010:ts2020_probe+0xad/0xe10 [ts2020] RSP: 0018:ffffc9000abbf598 EFLAGS: 00010202 RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffffc0714809 RDX: 0000000000000002 RSI: ffff88811550be00 RDI: 0000000000000010 RBP: ffff888109868800 R08: 0000000000000001 R09: fffff52001577eb6 R10: 0000000000000000 R11: ffffc9000abbff50 R12: ffffffffc0714790 R13: 1ffff92001577eb8 R14: ffffffffc07190d0 R15: 0000000000000001 FS: 00007f95f13b98c0(0000) GS:ffff888149280000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000555d2634b000 CR3: 0000000152236000 CR4: 00000000000006f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: ts2020_probe+0xad/0xe10 [ts2020] i2c_device_probe+0x421/0xb40 really_probe+0x266/0x850 ...

The cause of the problem is that when using sysfs to dynamically register an i2c device, there is no platform data, but the probe process of ts2020 needs to use platform data, resulting in a null pointer being accessed.

Solve this problem by adding checks to platform data.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-56574"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-27T15:15:16Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: ts2020: fix null-ptr-deref in ts2020_probe()\n\nKASAN reported a null-ptr-deref issue when executing the following\ncommand:\n\n  # echo ts2020 0x20 \u003e /sys/bus/i2c/devices/i2c-0/new_device\n    KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]\n    CPU: 53 UID: 0 PID: 970 Comm: systemd-udevd Not tainted 6.12.0-rc2+ #24\n    Hardware name: QEMU Standard PC (Q35 + ICH9, 2009)\n    RIP: 0010:ts2020_probe+0xad/0xe10 [ts2020]\n    RSP: 0018:ffffc9000abbf598 EFLAGS: 00010202\n    RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffffc0714809\n    RDX: 0000000000000002 RSI: ffff88811550be00 RDI: 0000000000000010\n    RBP: ffff888109868800 R08: 0000000000000001 R09: fffff52001577eb6\n    R10: 0000000000000000 R11: ffffc9000abbff50 R12: ffffffffc0714790\n    R13: 1ffff92001577eb8 R14: ffffffffc07190d0 R15: 0000000000000001\n    FS:  00007f95f13b98c0(0000) GS:ffff888149280000(0000) knlGS:0000000000000000\n    CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n    CR2: 0000555d2634b000 CR3: 0000000152236000 CR4: 00000000000006f0\n    DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n    DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n    Call Trace:\n     \u003cTASK\u003e\n     ts2020_probe+0xad/0xe10 [ts2020]\n     i2c_device_probe+0x421/0xb40\n     really_probe+0x266/0x850\n    ...\n\nThe cause of the problem is that when using sysfs to dynamically register\nan i2c device, there is no platform data, but the probe process of ts2020\nneeds to use platform data, resulting in a null pointer being accessed.\n\nSolve this problem by adding checks to platform data.",
  "id": "GHSA-6jfc-jg7w-jc55",
  "modified": "2025-11-03T21:31:51Z",
  "published": "2024-12-27T15:31:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56574"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4a058b34b52ed3feb1f3ff6fd26aefeeeed20cba"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5a53f97cd5977911850b695add057f9965c1a2d6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/901070571bc191d1d8d7a1379bc5ba9446200999"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a2ed3b780f34e4a6403064208bc2c99d1ed85026"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b6208d1567f929105011bcdfd738f59a6bdc1088"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ced1c04e82e3ecc246b921b9733f0df0866aa50d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/dc03866b5f4aa2668946f8384a1e5286ae53bbaa"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6JG4-5JM4-569Q

Vulnerability from github – Published: 2022-08-07 00:00 – Updated: 2022-08-11 00:00
VLAI
Details

Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow an exportXFAData NULL pointer dereference.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-27944"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-08-06T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow an exportXFAData NULL pointer dereference.",
  "id": "GHSA-6jg4-5jm4-569q",
  "modified": "2022-08-11T00:00:14Z",
  "published": "2022-08-07T00:00:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27944"
    },
    {
      "type": "WEB",
      "url": "https://drive.google.com/file/d/1hNjladTTP3tq7TL2Au5pdMI4nfJkUEvU/view?usp=sharing"
    },
    {
      "type": "WEB",
      "url": "https://www.foxit.com/support/security-bulletins.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-56
Implementation

For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].

Mitigation
Requirements

Select a programming language that is not susceptible to these issues.

Mitigation
Implementation

Check the results of all functions that return a value and verify that the value is non-null before acting upon it.

Mitigation
Architecture and Design

Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.

Mitigation
Implementation

Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.

No CAPEC attack patterns related to this CWE.