CWE-476
AllowedNULL Pointer Dereference
Abstraction: Base · Status: Stable
The product dereferences a pointer that it expects to be valid but is NULL.
6310 vulnerabilities reference this CWE, most recent first.
GHSA-6XGC-32QF-8PXM
Vulnerability from github – Published: 2024-02-28 09:30 – Updated: 2024-12-09 21:31In the Linux kernel, the following vulnerability has been resolved:
memory: renesas-rpc-if: fix possible NULL pointer dereference of resource
The platform_get_resource_byname() can return NULL which would be immediately dereferenced by resource_size(). Instead dereference it after validating the resource.
Addresses-Coverity: Dereference null return value
{
"affected": [],
"aliases": [
"CVE-2021-47050"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-28T09:15:40Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemory: renesas-rpc-if: fix possible NULL pointer dereference of resource\n\nThe platform_get_resource_byname() can return NULL which would be\nimmediately dereferenced by resource_size(). Instead dereference it\nafter validating the resource.\n\nAddresses-Coverity: Dereference null return value",
"id": "GHSA-6xgc-32qf-8pxm",
"modified": "2024-12-09T21:31:00Z",
"published": "2024-02-28T09:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47050"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/59e27d7c94aa02da039b000d33c304c179395801"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/71bcc1b4a1743534d8abdcb57ff912e6bc390438"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a74cb41af7dbe019e4096171f8bc641c7ce910ad"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e16acc3a37f09e18835dc5d8014942c2ef6ca957"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6XJ5-R9H7-WPHQ
Vulnerability from github – Published: 2025-04-01 18:30 – Updated: 2025-11-03 21:33In the Linux kernel, the following vulnerability has been resolved:
scsi: qla1280: Fix kernel oops when debug level > 2
A null dereference or oops exception will eventually occur when qla1280.c driver is compiled with DEBUG_QLA1280 enabled and ql_debug_level > 2. I think its clear from the code that the intention here is sg_dma_len(s) not length of sg_next(s) when printing the debug info.
{
"affected": [],
"aliases": [
"CVE-2025-21957"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-01T16:15:26Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla1280: Fix kernel oops when debug level \u003e 2\n\nA null dereference or oops exception will eventually occur when qla1280.c\ndriver is compiled with DEBUG_QLA1280 enabled and ql_debug_level \u003e 2. I\nthink its clear from the code that the intention here is sg_dma_len(s) not\nlength of sg_next(s) when printing the debug info.",
"id": "GHSA-6xj5-r9h7-wphq",
"modified": "2025-11-03T21:33:25Z",
"published": "2025-04-01T18:30:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21957"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/11a8dac1177a596648a020a7f3708257a2f95fee"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/24602e2664c515a4f2950d7b52c3d5997463418c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5233e3235dec3065ccc632729675575dbe3c6b8a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7ac2473e727d67a38266b2b7e55c752402ab588c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/af71ba921d08c241a817010f96458dc5e5e26762"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/afa27b7c17a48e01546ccaad0ab017ad0496a522"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c737e2a5fb7f90b96a96121da1b50a9c74ae9b8c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ea371d1cdefb0951c7127a33bcd7eb931cf44571"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6XPJ-QHG8-8H28
Vulnerability from github – Published: 2025-09-15 15:31 – Updated: 2026-01-16 21:30In the Linux kernel, the following vulnerability has been resolved:
ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value
The return value of acpi_fetch_acpi_dev() could be NULL, which would cause a NULL pointer dereference to occur in acpi_device_hid().
[ rjw: Subject and changelog edits, added empty line after if () ]
{
"affected": [],
"aliases": [
"CVE-2022-50327"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-15T15:15:44Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: processor: idle: Check acpi_fetch_acpi_dev() return value\n\nThe return value of acpi_fetch_acpi_dev() could be NULL, which would\ncause a NULL pointer dereference to occur in acpi_device_hid().\n\n[ rjw: Subject and changelog edits, added empty line after if () ]",
"id": "GHSA-6xpj-qhg8-8h28",
"modified": "2026-01-16T21:30:26Z",
"published": "2025-09-15T15:31:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50327"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2437513a814b3e93bd02879740a8a06e52e2cf7d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2ecd629c788bbfb96be058edade2e934d3763eaf"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8e8b5f12ee4ab6f5d252c9ca062a4ada9554e6d9"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ad1190744da9d812da55b76f2afce750afb0a3bd"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b85f0e292f73f353eea915499604fbf50c8238b4"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/fdee7a0acc566c4194d40a501b8a1584e86cc208"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6XPQ-HHFR-6PCF
Vulnerability from github – Published: 2026-05-04 15:31 – Updated: 2026-05-04 18:30An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXMeshGeometry.cpp, MeshGeometry::MeshGeometry()
{
"affected": [],
"aliases": [
"CVE-2025-70070"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-04T15:16:03Z",
"severity": "MODERATE"
},
"details": "An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXMeshGeometry.cpp, MeshGeometry::MeshGeometry()",
"id": "GHSA-6xpq-hhfr-6pcf",
"modified": "2026-05-04T18:30:29Z",
"published": "2026-05-04T15:31:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-70070"
},
{
"type": "WEB",
"url": "https://gist.github.com/GunP4ng/a2118ba977b10074a4477322afa7b763"
},
{
"type": "WEB",
"url": "http://assimp.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6XQ4-2J3G-9M44
Vulnerability from github – Published: 2026-03-18 12:31 – Updated: 2026-07-14 15:31In the Linux kernel, the following vulnerability has been resolved:
RDMA/siw: Fix potential NULL pointer dereference in header processing
If siw_get_hdr() returns -EINVAL before set_rx_fpdu_context(), qp->rx_fpdu can be NULL. The error path in siw_tcp_rx_data() dereferences qp->rx_fpdu->more_ddp_segs without checking, which may lead to a NULL pointer deref. Only check more_ddp_segs when rx_fpdu is present.
KASAN splat: [ 101.384271] KASAN: null-ptr-deref in range [0x00000000000000c0-0x00000000000000c7] [ 101.385869] RIP: 0010:siw_tcp_rx_data+0x13ad/0x1e50
{
"affected": [],
"aliases": [
"CVE-2026-23242"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-18T11:16:15Z",
"severity": "HIGH"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/siw: Fix potential NULL pointer dereference in header processing\n\nIf siw_get_hdr() returns -EINVAL before set_rx_fpdu_context(),\nqp-\u003erx_fpdu can be NULL. The error path in siw_tcp_rx_data()\ndereferences qp-\u003erx_fpdu-\u003emore_ddp_segs without checking, which\nmay lead to a NULL pointer deref. Only check more_ddp_segs when\nrx_fpdu is present.\n\nKASAN splat:\n[ 101.384271] KASAN: null-ptr-deref in range [0x00000000000000c0-0x00000000000000c7]\n[ 101.385869] RIP: 0010:siw_tcp_rx_data+0x13ad/0x1e50",
"id": "GHSA-6xq4-2j3g-9m44",
"modified": "2026-07-14T15:31:40Z",
"published": "2026-03-18T12:31:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23242"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-019113.html"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/14ab3da122bd18920ad57428f6cf4fade8385142"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/714c99e1dc8f85f446e05be02ba83972e981a817"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8564dcc12fbb372d984ab45768cae9335777b274"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/87b7a036d2c73d5bb3ae2d47dee23de465db3355"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ab61841633d10e56a58c1493a262f0d02dba2f5e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ab957056192d6bd068b3759cb2077d859cca01f0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ce025f7f5d070596194315eb2e4e89d568b8a755"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ffba40b67663567481fa8a1ed5d2da36897c175d"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6XR9-VQ37-4X64
Vulnerability from github – Published: 2025-10-27 21:30 – Updated: 2025-10-28 18:30FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the opaque_info_detail function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LS Update packet.
{
"affected": [],
"aliases": [
"CVE-2025-61099"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-27T19:16:04Z",
"severity": "HIGH"
},
"details": "FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the opaque_info_detail function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LS Update packet.",
"id": "GHSA-6xr9-vq37-4x64",
"modified": "2025-10-28T18:30:27Z",
"published": "2025-10-27T21:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61099"
},
{
"type": "WEB",
"url": "https://github.com/FRRouting/frr/issues/19471"
},
{
"type": "WEB",
"url": "https://github.com/FRRouting/frr/pull/19480"
},
{
"type": "WEB",
"url": "https://github.com/FRRouting/frr/pull/19480/commits/0042fbe8ca5aba866b4f0d166e54066bba5ab14e"
},
{
"type": "WEB",
"url": "https://github.com/s1awwhy/BugList/blob/main/CVE-2025-61099.md"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6XVQ-4CRP-429F
Vulnerability from github – Published: 2024-07-29 18:30 – Updated: 2024-07-30 21:31In the Linux kernel, the following vulnerability has been resolved:
drm/xe/xe_devcoredump: Check NULL before assignments
Assign 'xe_devcoredump_snapshot ' and 'xe_device ' only if 'coredump' is not NULL.
v2 - Fix commit messages.
v3 - Define variables before code.(Ashutosh/Jose)
v4 - Drop return check for coredump_to_xe. (Jose/Rodrigo)
v5 - Modify misleading commit message. (Matt)
{
"affected": [],
"aliases": [
"CVE-2024-42081"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-29T16:15:07Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/xe_devcoredump: Check NULL before assignments\n\nAssign \u0027xe_devcoredump_snapshot *\u0027 and \u0027xe_device *\u0027 only if\n\u0027coredump\u0027 is not NULL.\n\nv2\n- Fix commit messages.\n\nv3\n- Define variables before code.(Ashutosh/Jose)\n\nv4\n- Drop return check for coredump_to_xe. (Jose/Rodrigo)\n\nv5\n- Modify misleading commit message. (Matt)",
"id": "GHSA-6xvq-4crp-429f",
"modified": "2024-07-30T21:31:26Z",
"published": "2024-07-29T18:30:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42081"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/76ec0e33707282d5321555698d902f4e067aff37"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b15e65349553b1689d15fbdebea874ca5ae2274a"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6XW3-V997-R9FC
Vulnerability from github – Published: 2024-12-05 21:31 – Updated: 2024-12-05 21:31In OpenBSD 7.4 before errata 006 and OpenBSD 7.3 before errata 020, httpd(8) is vulnerable to a NULL dereference when handling a malformed fastcgi request.
{
"affected": [],
"aliases": [
"CVE-2024-11148"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-05T20:15:21Z",
"severity": "HIGH"
},
"details": "In OpenBSD 7.4 before errata 006 and OpenBSD 7.3 before errata 020, httpd(8) is vulnerable to a NULL dereference when handling a malformed fastcgi request.",
"id": "GHSA-6xw3-v997-r9fc",
"modified": "2024-12-05T21:31:52Z",
"published": "2024-12-05T21:31:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11148"
},
{
"type": "WEB",
"url": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/020_httpd.patch.sig"
},
{
"type": "WEB",
"url": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.4/common/006_httpd.patch.sig"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-6XWM-63WF-Q2Q3
Vulnerability from github – Published: 2024-05-22 09:31 – Updated: 2025-03-01 03:30In the Linux kernel, the following vulnerability has been resolved:
usb: musb: dsps: Fix the probe error path
Commit 7c75bde329d7 ("usb: musb: musb_dsps: request_irq() after initializing musb") has inverted the calls to dsps_setup_optional_vbus_irq() and dsps_create_musb_pdev() without updating correctly the error path. dsps_create_musb_pdev() allocates and registers a new platform device which must be unregistered and freed with platform_device_unregister(), and this is missing upon dsps_setup_optional_vbus_irq() error.
While on the master branch it seems not to trigger any issue, I observed a kernel crash because of a NULL pointer dereference with a v5.10.70 stable kernel where the patch mentioned above was backported. With this kernel version, -EPROBE_DEFER is returned the first time dsps_setup_optional_vbus_irq() is called which triggers the probe to error out without unregistering the platform device. Unfortunately, on the Beagle Bone Black Wireless, the platform device still living in the system is being used by the USB Ethernet gadget driver, which during the boot phase triggers the crash.
My limited knowledge of the musb world prevents me to revert this commit which was sent to silence a robot warning which, as far as I understand, does not make sense. The goal of this patch was to prevent an IRQ to fire before the platform device being registered. I think this cannot ever happen due to the fact that enabling the interrupts is done by the ->enable() callback of the platform musb device, and this platform device must be already registered in order for the core or any other user to use this callback.
Hence, I decided to fix the error path, which might prevent future errors on mainline kernels while also fixing older ones.
{
"affected": [],
"aliases": [
"CVE-2021-47436"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-22T07:15:08Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: musb: dsps: Fix the probe error path\n\nCommit 7c75bde329d7 (\"usb: musb: musb_dsps: request_irq() after\ninitializing musb\") has inverted the calls to\ndsps_setup_optional_vbus_irq() and dsps_create_musb_pdev() without\nupdating correctly the error path. dsps_create_musb_pdev() allocates and\nregisters a new platform device which must be unregistered and freed\nwith platform_device_unregister(), and this is missing upon\ndsps_setup_optional_vbus_irq() error.\n\nWhile on the master branch it seems not to trigger any issue, I observed\na kernel crash because of a NULL pointer dereference with a v5.10.70\nstable kernel where the patch mentioned above was backported. With this\nkernel version, -EPROBE_DEFER is returned the first time\ndsps_setup_optional_vbus_irq() is called which triggers the probe to\nerror out without unregistering the platform device. Unfortunately, on\nthe Beagle Bone Black Wireless, the platform device still living in the\nsystem is being used by the USB Ethernet gadget driver, which during the\nboot phase triggers the crash.\n\nMy limited knowledge of the musb world prevents me to revert this commit\nwhich was sent to silence a robot warning which, as far as I understand,\ndoes not make sense. The goal of this patch was to prevent an IRQ to\nfire before the platform device being registered. I think this cannot\never happen due to the fact that enabling the interrupts is done by the\n-\u003eenable() callback of the platform musb device, and this platform\ndevice must be already registered in order for the core or any other\nuser to use this callback.\n\nHence, I decided to fix the error path, which might prevent future\nerrors on mainline kernels while also fixing older ones.",
"id": "GHSA-6xwm-63wf-q2q3",
"modified": "2025-03-01T03:30:51Z",
"published": "2024-05-22T09:31:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47436"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5ed60a430fb5f3d93e7fef66264daef466b4d10c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9ab5d539bc975b8dcde86eca1b58d836b657732e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9d89e287116796bf987cc48f5c8632ef3048f8eb"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c2115b2b16421d93d4993f3fe4c520e91d6fe801"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e923bce31ffefe4f60edfc6b84f62d4a858f3676"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ff9249aab39820be11b6975a10d94253b7d426fc"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6XWV-8WP3-G5HV
Vulnerability from github – Published: 2023-03-01 15:30 – Updated: 2023-03-10 18:30libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_hevc_epel_pixels_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.
{
"affected": [],
"aliases": [
"CVE-2023-24752"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-03-01T15:15:00Z",
"severity": "MODERATE"
},
"details": "libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_hevc_epel_pixels_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.",
"id": "GHSA-6xwv-8wp3-g5hv",
"modified": "2023-03-10T18:30:22Z",
"published": "2023-03-01T15:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24752"
},
{
"type": "WEB",
"url": "https://github.com/strukturag/libde265/issues/378"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-56
For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].
Mitigation
Select a programming language that is not susceptible to these issues.
Mitigation
Check the results of all functions that return a value and verify that the value is non-null before acting upon it.
Mitigation
Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Mitigation
Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.
No CAPEC attack patterns related to this CWE.