Common Weakness Enumeration

CWE-476

Allowed

NULL Pointer Dereference

Abstraction: Base · Status: Stable

The product dereferences a pointer that it expects to be valid but is NULL.

6310 vulnerabilities reference this CWE, most recent first.

GHSA-6XGC-32QF-8PXM

Vulnerability from github – Published: 2024-02-28 09:30 – Updated: 2024-12-09 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

memory: renesas-rpc-if: fix possible NULL pointer dereference of resource

The platform_get_resource_byname() can return NULL which would be immediately dereferenced by resource_size(). Instead dereference it after validating the resource.

Addresses-Coverity: Dereference null return value

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-47050"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-28T09:15:40Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemory: renesas-rpc-if: fix possible NULL pointer dereference of resource\n\nThe platform_get_resource_byname() can return NULL which would be\nimmediately dereferenced by resource_size().  Instead dereference it\nafter validating the resource.\n\nAddresses-Coverity: Dereference null return value",
  "id": "GHSA-6xgc-32qf-8pxm",
  "modified": "2024-12-09T21:31:00Z",
  "published": "2024-02-28T09:30:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47050"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/59e27d7c94aa02da039b000d33c304c179395801"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/71bcc1b4a1743534d8abdcb57ff912e6bc390438"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a74cb41af7dbe019e4096171f8bc641c7ce910ad"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e16acc3a37f09e18835dc5d8014942c2ef6ca957"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6XJ5-R9H7-WPHQ

Vulnerability from github – Published: 2025-04-01 18:30 – Updated: 2025-11-03 21:33
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: qla1280: Fix kernel oops when debug level > 2

A null dereference or oops exception will eventually occur when qla1280.c driver is compiled with DEBUG_QLA1280 enabled and ql_debug_level > 2. I think its clear from the code that the intention here is sg_dma_len(s) not length of sg_next(s) when printing the debug info.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-21957"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-01T16:15:26Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla1280: Fix kernel oops when debug level \u003e 2\n\nA null dereference or oops exception will eventually occur when qla1280.c\ndriver is compiled with DEBUG_QLA1280 enabled and ql_debug_level \u003e 2.  I\nthink its clear from the code that the intention here is sg_dma_len(s) not\nlength of sg_next(s) when printing the debug info.",
  "id": "GHSA-6xj5-r9h7-wphq",
  "modified": "2025-11-03T21:33:25Z",
  "published": "2025-04-01T18:30:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21957"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/11a8dac1177a596648a020a7f3708257a2f95fee"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/24602e2664c515a4f2950d7b52c3d5997463418c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5233e3235dec3065ccc632729675575dbe3c6b8a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7ac2473e727d67a38266b2b7e55c752402ab588c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/af71ba921d08c241a817010f96458dc5e5e26762"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/afa27b7c17a48e01546ccaad0ab017ad0496a522"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c737e2a5fb7f90b96a96121da1b50a9c74ae9b8c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ea371d1cdefb0951c7127a33bcd7eb931cf44571"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6XPJ-QHG8-8H28

Vulnerability from github – Published: 2025-09-15 15:31 – Updated: 2026-01-16 21:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value

The return value of acpi_fetch_acpi_dev() could be NULL, which would cause a NULL pointer dereference to occur in acpi_device_hid().

[ rjw: Subject and changelog edits, added empty line after if () ]

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-50327"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-15T15:15:44Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: processor: idle: Check acpi_fetch_acpi_dev() return value\n\nThe return value of acpi_fetch_acpi_dev() could be NULL, which would\ncause a NULL pointer dereference to occur in acpi_device_hid().\n\n[ rjw: Subject and changelog edits, added empty line after if () ]",
  "id": "GHSA-6xpj-qhg8-8h28",
  "modified": "2026-01-16T21:30:26Z",
  "published": "2025-09-15T15:31:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50327"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2437513a814b3e93bd02879740a8a06e52e2cf7d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2ecd629c788bbfb96be058edade2e934d3763eaf"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8e8b5f12ee4ab6f5d252c9ca062a4ada9554e6d9"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ad1190744da9d812da55b76f2afce750afb0a3bd"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b85f0e292f73f353eea915499604fbf50c8238b4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fdee7a0acc566c4194d40a501b8a1584e86cc208"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6XPQ-HHFR-6PCF

Vulnerability from github – Published: 2026-05-04 15:31 – Updated: 2026-05-04 18:30
VLAI
Details

An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXMeshGeometry.cpp, MeshGeometry::MeshGeometry()

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-70070"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-04T15:16:03Z",
    "severity": "MODERATE"
  },
  "details": "An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXMeshGeometry.cpp, MeshGeometry::MeshGeometry()",
  "id": "GHSA-6xpq-hhfr-6pcf",
  "modified": "2026-05-04T18:30:29Z",
  "published": "2026-05-04T15:31:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-70070"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/GunP4ng/a2118ba977b10074a4477322afa7b763"
    },
    {
      "type": "WEB",
      "url": "http://assimp.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6XQ4-2J3G-9M44

Vulnerability from github – Published: 2026-03-18 12:31 – Updated: 2026-07-14 15:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/siw: Fix potential NULL pointer dereference in header processing

If siw_get_hdr() returns -EINVAL before set_rx_fpdu_context(), qp->rx_fpdu can be NULL. The error path in siw_tcp_rx_data() dereferences qp->rx_fpdu->more_ddp_segs without checking, which may lead to a NULL pointer deref. Only check more_ddp_segs when rx_fpdu is present.

KASAN splat: [ 101.384271] KASAN: null-ptr-deref in range [0x00000000000000c0-0x00000000000000c7] [ 101.385869] RIP: 0010:siw_tcp_rx_data+0x13ad/0x1e50

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-23242"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-18T11:16:15Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/siw: Fix potential NULL pointer dereference in header processing\n\nIf siw_get_hdr() returns -EINVAL before set_rx_fpdu_context(),\nqp-\u003erx_fpdu can be NULL. The error path in siw_tcp_rx_data()\ndereferences qp-\u003erx_fpdu-\u003emore_ddp_segs without checking, which\nmay lead to a NULL pointer deref. Only check more_ddp_segs when\nrx_fpdu is present.\n\nKASAN splat:\n[  101.384271] KASAN: null-ptr-deref in range [0x00000000000000c0-0x00000000000000c7]\n[  101.385869] RIP: 0010:siw_tcp_rx_data+0x13ad/0x1e50",
  "id": "GHSA-6xq4-2j3g-9m44",
  "modified": "2026-07-14T15:31:40Z",
  "published": "2026-03-18T12:31:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23242"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-019113.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/14ab3da122bd18920ad57428f6cf4fade8385142"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/714c99e1dc8f85f446e05be02ba83972e981a817"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8564dcc12fbb372d984ab45768cae9335777b274"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/87b7a036d2c73d5bb3ae2d47dee23de465db3355"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ab61841633d10e56a58c1493a262f0d02dba2f5e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ab957056192d6bd068b3759cb2077d859cca01f0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ce025f7f5d070596194315eb2e4e89d568b8a755"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ffba40b67663567481fa8a1ed5d2da36897c175d"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6XR9-VQ37-4X64

Vulnerability from github – Published: 2025-10-27 21:30 – Updated: 2025-10-28 18:30
VLAI
Details

FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the opaque_info_detail function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LS Update packet.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-61099"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-27T19:16:04Z",
    "severity": "HIGH"
  },
  "details": "FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the opaque_info_detail function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LS Update packet.",
  "id": "GHSA-6xr9-vq37-4x64",
  "modified": "2025-10-28T18:30:27Z",
  "published": "2025-10-27T21:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61099"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FRRouting/frr/issues/19471"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FRRouting/frr/pull/19480"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FRRouting/frr/pull/19480/commits/0042fbe8ca5aba866b4f0d166e54066bba5ab14e"
    },
    {
      "type": "WEB",
      "url": "https://github.com/s1awwhy/BugList/blob/main/CVE-2025-61099.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6XVQ-4CRP-429F

Vulnerability from github – Published: 2024-07-29 18:30 – Updated: 2024-07-30 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/xe/xe_devcoredump: Check NULL before assignments

Assign 'xe_devcoredump_snapshot ' and 'xe_device ' only if 'coredump' is not NULL.

v2 - Fix commit messages.

v3 - Define variables before code.(Ashutosh/Jose)

v4 - Drop return check for coredump_to_xe. (Jose/Rodrigo)

v5 - Modify misleading commit message. (Matt)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-42081"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-29T16:15:07Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/xe_devcoredump: Check NULL before assignments\n\nAssign \u0027xe_devcoredump_snapshot *\u0027 and \u0027xe_device *\u0027 only if\n\u0027coredump\u0027 is not NULL.\n\nv2\n- Fix commit messages.\n\nv3\n- Define variables before code.(Ashutosh/Jose)\n\nv4\n- Drop return check for coredump_to_xe. (Jose/Rodrigo)\n\nv5\n- Modify misleading commit message. (Matt)",
  "id": "GHSA-6xvq-4crp-429f",
  "modified": "2024-07-30T21:31:26Z",
  "published": "2024-07-29T18:30:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42081"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/76ec0e33707282d5321555698d902f4e067aff37"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b15e65349553b1689d15fbdebea874ca5ae2274a"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6XW3-V997-R9FC

Vulnerability from github – Published: 2024-12-05 21:31 – Updated: 2024-12-05 21:31
VLAI
Details

In OpenBSD 7.4 before errata 006 and OpenBSD 7.3 before errata 020, httpd(8) is vulnerable to a NULL dereference when handling a malformed fastcgi request.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-11148"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-05T20:15:21Z",
    "severity": "HIGH"
  },
  "details": "In OpenBSD 7.4 before errata 006 and OpenBSD 7.3 before errata 020, httpd(8) is vulnerable to a NULL dereference when handling a malformed fastcgi request.",
  "id": "GHSA-6xw3-v997-r9fc",
  "modified": "2024-12-05T21:31:52Z",
  "published": "2024-12-05T21:31:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11148"
    },
    {
      "type": "WEB",
      "url": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/020_httpd.patch.sig"
    },
    {
      "type": "WEB",
      "url": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.4/common/006_httpd.patch.sig"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-6XWM-63WF-Q2Q3

Vulnerability from github – Published: 2024-05-22 09:31 – Updated: 2025-03-01 03:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

usb: musb: dsps: Fix the probe error path

Commit 7c75bde329d7 ("usb: musb: musb_dsps: request_irq() after initializing musb") has inverted the calls to dsps_setup_optional_vbus_irq() and dsps_create_musb_pdev() without updating correctly the error path. dsps_create_musb_pdev() allocates and registers a new platform device which must be unregistered and freed with platform_device_unregister(), and this is missing upon dsps_setup_optional_vbus_irq() error.

While on the master branch it seems not to trigger any issue, I observed a kernel crash because of a NULL pointer dereference with a v5.10.70 stable kernel where the patch mentioned above was backported. With this kernel version, -EPROBE_DEFER is returned the first time dsps_setup_optional_vbus_irq() is called which triggers the probe to error out without unregistering the platform device. Unfortunately, on the Beagle Bone Black Wireless, the platform device still living in the system is being used by the USB Ethernet gadget driver, which during the boot phase triggers the crash.

My limited knowledge of the musb world prevents me to revert this commit which was sent to silence a robot warning which, as far as I understand, does not make sense. The goal of this patch was to prevent an IRQ to fire before the platform device being registered. I think this cannot ever happen due to the fact that enabling the interrupts is done by the ->enable() callback of the platform musb device, and this platform device must be already registered in order for the core or any other user to use this callback.

Hence, I decided to fix the error path, which might prevent future errors on mainline kernels while also fixing older ones.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-47436"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-22T07:15:08Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: musb: dsps: Fix the probe error path\n\nCommit 7c75bde329d7 (\"usb: musb: musb_dsps: request_irq() after\ninitializing musb\") has inverted the calls to\ndsps_setup_optional_vbus_irq() and dsps_create_musb_pdev() without\nupdating correctly the error path. dsps_create_musb_pdev() allocates and\nregisters a new platform device which must be unregistered and freed\nwith platform_device_unregister(), and this is missing upon\ndsps_setup_optional_vbus_irq() error.\n\nWhile on the master branch it seems not to trigger any issue, I observed\na kernel crash because of a NULL pointer dereference with a v5.10.70\nstable kernel where the patch mentioned above was backported. With this\nkernel version, -EPROBE_DEFER is returned the first time\ndsps_setup_optional_vbus_irq() is called which triggers the probe to\nerror out without unregistering the platform device. Unfortunately, on\nthe Beagle Bone Black Wireless, the platform device still living in the\nsystem is being used by the USB Ethernet gadget driver, which during the\nboot phase triggers the crash.\n\nMy limited knowledge of the musb world prevents me to revert this commit\nwhich was sent to silence a robot warning which, as far as I understand,\ndoes not make sense. The goal of this patch was to prevent an IRQ to\nfire before the platform device being registered. I think this cannot\never happen due to the fact that enabling the interrupts is done by the\n-\u003eenable() callback of the platform musb device, and this platform\ndevice must be already registered in order for the core or any other\nuser to use this callback.\n\nHence, I decided to fix the error path, which might prevent future\nerrors on mainline kernels while also fixing older ones.",
  "id": "GHSA-6xwm-63wf-q2q3",
  "modified": "2025-03-01T03:30:51Z",
  "published": "2024-05-22T09:31:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47436"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5ed60a430fb5f3d93e7fef66264daef466b4d10c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9ab5d539bc975b8dcde86eca1b58d836b657732e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9d89e287116796bf987cc48f5c8632ef3048f8eb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c2115b2b16421d93d4993f3fe4c520e91d6fe801"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e923bce31ffefe4f60edfc6b84f62d4a858f3676"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ff9249aab39820be11b6975a10d94253b7d426fc"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6XWV-8WP3-G5HV

Vulnerability from github – Published: 2023-03-01 15:30 – Updated: 2023-03-10 18:30
VLAI
Details

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_hevc_epel_pixels_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-24752"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-03-01T15:15:00Z",
    "severity": "MODERATE"
  },
  "details": "libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_hevc_epel_pixels_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.",
  "id": "GHSA-6xwv-8wp3-g5hv",
  "modified": "2023-03-10T18:30:22Z",
  "published": "2023-03-01T15:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24752"
    },
    {
      "type": "WEB",
      "url": "https://github.com/strukturag/libde265/issues/378"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-56
Implementation

For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].

Mitigation
Requirements

Select a programming language that is not susceptible to these issues.

Mitigation
Implementation

Check the results of all functions that return a value and verify that the value is non-null before acting upon it.

Mitigation
Architecture and Design

Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.

Mitigation
Implementation

Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.

No CAPEC attack patterns related to this CWE.