CWE-476
AllowedNULL Pointer Dereference
Abstraction: Base · Status: Stable
The product dereferences a pointer that it expects to be valid but is NULL.
6310 vulnerabilities reference this CWE, most recent first.
GHSA-7G63-CHRJ-5RQ3
Vulnerability from github – Published: 2022-05-14 03:57 – Updated: 2022-05-14 03:57crypto/mcryptd.c in the Linux kernel before 4.8.15 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an AF_ALG socket with an incompatible algorithm, as demonstrated by mcryptd(md5).
{
"affected": [],
"aliases": [
"CVE-2016-10147"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-01-18T21:59:00Z",
"severity": "MODERATE"
},
"details": "crypto/mcryptd.c in the Linux kernel before 4.8.15 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an AF_ALG socket with an incompatible algorithm, as demonstrated by mcryptd(md5).",
"id": "GHSA-7g63-chrj-5rq3",
"modified": "2022-05-14T03:57:55Z",
"published": "2022-05-14T03:57:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10147"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/48a992727d82cb7db076fa15d372178743b1f4cd"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2016-10147"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404200"
},
{
"type": "WEB",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=48a992727d82cb7db076fa15d372178743b1f4cd"
},
{
"type": "WEB",
"url": "http://marc.info/?l=linux-crypto-vger\u0026m=148063683310477\u0026w=2"
},
{
"type": "WEB",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.15"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2017/01/17/13"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/95677"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7G6Q-P622-3MGR
Vulnerability from github – Published: 2022-05-13 01:24 – Updated: 2025-04-20 03:33gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to printing an error message.
{
"affected": [],
"aliases": [
"CVE-2017-6311"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-03-10T02:59:00Z",
"severity": "HIGH"
},
"details": "gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to printing an error message.",
"id": "GHSA-7g6q-p622-3mgr",
"modified": "2025-04-20T03:33:57Z",
"published": "2022-05-13T01:24:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-6311"
},
{
"type": "WEB",
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=778204"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SJF5ARFOX4BFUK6YCBKGAKBQYECO3AI2"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSAZ6UCKKXC5VOWXGWQHOX2ZBLLATIOT"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJF5ARFOX4BFUK6YCBKGAKBQYECO3AI2"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSAZ6UCKKXC5VOWXGWQHOX2ZBLLATIOT"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201709-08"
},
{
"type": "WEB",
"url": "http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2017/02/21/4"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2017/02/26/1"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/96779"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7G83-7R9M-4Q2J
Vulnerability from github – Published: 2025-03-03 12:30 – Updated: 2025-03-03 12:30Memory corruption in display driver while detaching a device.
{
"affected": [],
"aliases": [
"CVE-2024-53024"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-03T11:15:13Z",
"severity": "HIGH"
},
"details": "Memory corruption in display driver while detaching a device.",
"id": "GHSA-7g83-7r9m-4q2j",
"modified": "2025-03-03T12:30:32Z",
"published": "2025-03-03T12:30:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53024"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7G9V-7VC7-PMRW
Vulnerability from github – Published: 2025-04-21 00:30 – Updated: 2025-04-21 00:30libheif before 1.19.6 has a NULL pointer dereference in ImageItem_iden in image-items/iden.cc.
{
"affected": [],
"aliases": [
"CVE-2025-43966"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-21T00:15:33Z",
"severity": "LOW"
},
"details": "libheif before 1.19.6 has a NULL pointer dereference in ImageItem_iden in image-items/iden.cc.",
"id": "GHSA-7g9v-7vc7-pmrw",
"modified": "2025-04-21T00:30:20Z",
"published": "2025-04-21T00:30:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43966"
},
{
"type": "WEB",
"url": "https://github.com/strukturag/libheif/commit/b38555387e4b5dcf036fe45b0c440aca19b7b69c"
},
{
"type": "WEB",
"url": "https://github.com/strukturag/libheif/compare/v1.19.5...v1.19.6"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-7G9V-9M8F-C5P8
Vulnerability from github – Published: 2022-03-11 00:02 – Updated: 2022-03-17 00:01The function bitstr_tell at bitstr.c in ffjpeg commit 4ab404e has a NULL pointer dereference.
{
"affected": [],
"aliases": [
"CVE-2021-34122"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-10T17:42:00Z",
"severity": "MODERATE"
},
"details": "The function bitstr_tell at bitstr.c in ffjpeg commit 4ab404e has a NULL pointer dereference.",
"id": "GHSA-7g9v-9m8f-c5p8",
"modified": "2022-03-17T00:01:59Z",
"published": "2022-03-11T00:02:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34122"
},
{
"type": "WEB",
"url": "https://github.com/rockcarry/ffjpeg/issues/36"
},
{
"type": "WEB",
"url": "https://github.com/rockcarry/ffjpeg/pull/37"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7GH2-Q8M8-26R9
Vulnerability from github – Published: 2022-05-17 02:53 – Updated: 2025-04-20 03:34The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via an empty packet line.
{
"affected": [],
"aliases": [
"CVE-2016-10129"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-03-24T15:59:00Z",
"severity": "HIGH"
},
"details": "The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via an empty packet line.",
"id": "GHSA-7gh2-q8m8-26r9",
"modified": "2025-04-20T03:34:45Z",
"published": "2022-05-17T02:53:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10129"
},
{
"type": "WEB",
"url": "https://github.com/libgit2/libgit2/commit/2fdef641fd0dd2828bd948234ae86de75221a11a"
},
{
"type": "WEB",
"url": "https://github.com/libgit2/libgit2/commit/84d30d569ada986f3eef527cbdb932643c2dd037"
},
{
"type": "WEB",
"url": "https://libgit2.github.com/security"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00030.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00036.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00072.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2017/01/10/5"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2017/01/11/6"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/95339"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7GHC-RMVR-4977
Vulnerability from github – Published: 2025-05-02 18:31 – Updated: 2025-11-12 21:31In the Linux kernel, the following vulnerability has been resolved:
wifi: mt76: do not run mt76_unregister_device() on unregistered hw
Trying to probe a mt7921e pci card without firmware results in a successful probe where ieee80211_register_hw hasn't been called. When removing the driver, ieee802111_unregister_hw is called unconditionally leading to a kernel NULL pointer dereference. Fix the issue running mt76_unregister_device routine just for registered hw.
{
"affected": [],
"aliases": [
"CVE-2023-53071"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-02T16:15:26Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: do not run mt76_unregister_device() on unregistered hw\n\nTrying to probe a mt7921e pci card without firmware results in a\nsuccessful probe where ieee80211_register_hw hasn\u0027t been called. When\nremoving the driver, ieee802111_unregister_hw is called unconditionally\nleading to a kernel NULL pointer dereference.\nFix the issue running mt76_unregister_device routine just for registered\nhw.",
"id": "GHSA-7ghc-rmvr-4977",
"modified": "2025-11-12T21:31:00Z",
"published": "2025-05-02T18:31:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53071"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2d34f27714c97a9786a30b3bb54944d6d8ed612f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/41130c32f3a18fcc930316da17f3a5f3bc326aa1"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/dffe86df26aee01a5fc56a175b7a7f157961e370"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7GJW-7W2H-P28H
Vulnerability from github – Published: 2022-05-14 01:09 – Updated: 2022-05-14 01:09NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiSetRootPageTable in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to code execution, denial of service or escalation of privileges.
{
"affected": [],
"aliases": [
"CVE-2019-5667"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-02-27T23:29:00Z",
"severity": "HIGH"
},
"details": "NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiSetRootPageTable in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to code execution, denial of service or escalation of privileges.",
"id": "GHSA-7gjw-7w2h-p28h",
"modified": "2022-05-14T01:09:19Z",
"published": "2022-05-14T01:09:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5667"
},
{
"type": "WEB",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4772"
},
{
"type": "WEB",
"url": "http://support.lenovo.com/us/en/solutions/LEN-26250"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7GP9-JX5J-42CF
Vulnerability from github – Published: 2025-05-14 15:31 – Updated: 2025-11-12 21:31In the Linux kernel, the following vulnerability has been resolved:
media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()
In dw2102_i2c_transfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious data finally reach dw2102_i2c_transfer. If accessing msg[i].buf[0] without sanity check, null ptr deref would happen. We add check on msg[i].len to prevent crash.
Similar commit: commit 950e252cb469 ("[media] dw2102: limit messages to buffer size")
{
"affected": [],
"aliases": [
"CVE-2023-53146"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-14T13:15:47Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()\n\nIn dw2102_i2c_transfer, msg is controlled by user. When msg[i].buf\nis null and msg[i].len is zero, former checks on msg[i].buf would be\npassed. Malicious data finally reach dw2102_i2c_transfer. If accessing\nmsg[i].buf[0] without sanity check, null ptr deref would happen.\nWe add check on msg[i].len to prevent crash.\n\nSimilar commit:\ncommit 950e252cb469\n(\"[media] dw2102: limit messages to buffer size\")",
"id": "GHSA-7gp9-jx5j-42cf",
"modified": "2025-11-12T21:31:04Z",
"published": "2025-05-14T15:31:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53146"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/08dfcbd03b2b7f918c4f87c6ff637054e510df74"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5ae544d94abc8ff77b1b9bf8774def3fa5689b5b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/77cbd42d29de9ffc93d5529bab8813cde53af14c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/903566208ae6bb9c0e7e54355ce75bf6cf72485d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/97fdbdb750342cbc204befde976872fedb406ee6"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/beb9550494e7349f92b9eaa283256a5ad9b1c9be"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ecbe6d011b95c7da59f014f8d26cb7245ed1e11e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/fb28afab113a82b89ffec48c8155ec05b4f8cb5e"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7GRP-X8PQ-WH35
Vulnerability from github – Published: 2024-05-21 18:31 – Updated: 2025-01-31 15:30In the Linux kernel, the following vulnerability has been resolved:
i915/perf: Fix NULL deref bugs with drm_dbg() calls
When i915 perf interface is not available dereferencing it will lead to NULL dereferences.
As returning -ENOTSUPP is pretty clear return when perf interface is not available.
[tursulin: added stable tag] (cherry picked from commit 36f27350ff745bd228ab04d7845dfbffc177a889)
{
"affected": [],
"aliases": [
"CVE-2023-52788"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-21T16:15:17Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ni915/perf: Fix NULL deref bugs with drm_dbg() calls\n\nWhen i915 perf interface is not available dereferencing it will lead to\nNULL dereferences.\n\nAs returning -ENOTSUPP is pretty clear return when perf interface is not\navailable.\n\n[tursulin: added stable tag]\n(cherry picked from commit 36f27350ff745bd228ab04d7845dfbffc177a889)",
"id": "GHSA-7grp-x8pq-wh35",
"modified": "2025-01-31T15:30:42Z",
"published": "2024-05-21T18:31:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52788"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/10f49cdfd5fb342a1a9641930dc040c570694e98"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1566e8be73fd5fa424e88d2a4cffdc34f970f0e1"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/471aa951bf1206d3c10d0daa67005b8e4db4ff83"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/55db76caa782baa4a1bf02296e2773c38a524a3e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/bf8e105030083e7b71591cdf437e464bcd8a0c09"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-56
For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].
Mitigation
Select a programming language that is not susceptible to these issues.
Mitigation
Check the results of all functions that return a value and verify that the value is non-null before acting upon it.
Mitigation
Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Mitigation
Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.
No CAPEC attack patterns related to this CWE.