CWE-476— NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.— MITRE CWE catalog
4,937 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-476page 38 of 99
- CVE-2022-44792MEDIUMCVSS 6.5EG 6.52022-11-07
handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the instance to crash via a crafted UDP packet, …
- CVE-2022-44793MEDIUMCVSS 6.5EG 6.52022-11-07
handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Deni…
- CVE-2022-47015MEDIUMCVSS 6.5EG 7.52023-01-20
MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer.
- CVE-2022-47021HIGHCVSS 7.8EG 7.82023-01-20
A null pointer dereference issue was discovered in functions op_get_data and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows attackers to cause denial of service or other unspecified impacts.
- CVE-2022-47022MEDIUMCVSS 4.7EG 9.82023-08-22
An issue was discovered in open-mpi hwloc 2.1.0 allows attackers to cause a denial of service or other unspecified impacts via glibc-cpuset in topology-linux.c.
- CVE-2022-47024HIGHCVSS 7.8EG 7.82023-01-20
A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c in vim 8.1.2269 thru 9.0.0339 allows attackers to cause denial of service or other unspecified impacts.
- CVE-2022-47094HIGHCVSS 7.8EG 7.82023-01-05
GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Null pointer dereference via filters/dmx_m2ts.c:343 in m2tsdmx_declare_pid
- CVE-2022-47359MEDIUMCVSS 5.5EG 5.52023-02-12
In log service, there is a missing permission check. This could lead to local denial of service in log service.
- CVE-2022-47360MEDIUMCVSS 5.5EG 5.52023-02-12
In log service, there is a missing permission check. This could lead to local denial of service in log service.
- CVE-2022-47465MEDIUMCVSS 5.5EG 5.52023-04-11
In vdsp service, there is a missing permission check. This could lead to local denial of service in vdsp service.
- CVE-2022-47466MEDIUMCVSS 5.5EG 5.52023-04-11
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
- CVE-2022-47467MEDIUMCVSS 5.5EG 5.52023-04-11
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
- CVE-2022-47468MEDIUMCVSS 5.5EG 5.52023-04-11
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
- CVE-2022-47929MEDIUMCVSS 5.5EG 5.52023-01-17
In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc…
- CVE-2022-48231MEDIUMCVSS 5.5EG 5.52023-05-09
In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
- CVE-2022-48241MEDIUMCVSS 5.5EG 5.52023-05-09
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
- CVE-2022-4842MEDIUMCVSS 5.5EG 5.52023-01-12
A flaw NULL Pointer Dereference in the Linux kernel NTFS3 driver function attr_punch_hole() was found. A local user could use this flaw to crash the system.
- CVE-2022-4843HIGHCVSS 7.5EG 7.52022-12-29
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2.
- CVE-2022-48442MEDIUMCVSS 5.5EG 5.52023-06-06
In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
- CVE-2022-48443MEDIUMCVSS 5.5EG 5.52023-06-06
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
- CVE-2022-48444MEDIUMCVSS 5.5EG 5.52023-06-06
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
- CVE-2022-48445MEDIUMCVSS 5.5EG 5.52023-06-06
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
- CVE-2022-48509MEDIUMCVSS 5.9EG 5.92023-07-06
Race condition vulnerability due to multi-thread access to mutually exclusive resources in Huawei Share. Successful exploitation of this vulnerability may cause the program to exit abnormally.
- CVE-2022-48606HIGHCVSS 7.5EG 7.52023-09-27
Stability-related vulnerability in the binder background management and control module. Successful exploitation of this vulnerability may affect availability.
- CVE-2022-48636MEDIUMCVSS 5.5EG 5.52024-04-28
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup Fix Oops in dasd_alias_get_start_dev() function caused by the pavgroup pointer being NULL. The p…
- CVE-2022-48640MEDIUMCVSS 5.5EG 5.52024-04-28
In the Linux kernel, the following vulnerability has been resolved: bonding: fix NULL deref in bond_rr_gen_slave_id Fix a NULL dereference of the struct bonding.rr_tx_counter member because if a bond is initially created with an initial …
- CVE-2022-48644MEDIUMCVSS 5.5EG 5.52024-04-28
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: avoid disabling offload when it was never enabled In an incredibly strange API design decision, qdisc->destroy() gets called even if qdisc->init() nev…
- CVE-2022-48646MEDIUMCVSS 6.2EG 6.22024-04-28
In the Linux kernel, the following vulnerability has been resolved: sfc/siena: fix null pointer dereference in efx_hard_start_xmit Like in previous patch for sfc, prevent potential (but unlikely) NULL pointer dereference.
- CVE-2022-48647MEDIUMCVSS 5.5EG 5.52024-04-28
In the Linux kernel, the following vulnerability has been resolved: sfc: fix TX channel offset when using legacy interrupts In legacy interrupt mode the tx_channel_offset was hardcoded to 1, but that's not correct if efx_sepparate_tx_cha…
- CVE-2022-48648MEDIUMCVSS 5.5EG 5.52024-04-28
In the Linux kernel, the following vulnerability has been resolved: sfc: fix null pointer dereference in efx_hard_start_xmit Trying to get the channel from the tx_queue variable here is wrong because we can only be here if tx_queue is NU…
- CVE-2022-48652MEDIUMCVSS 5.5EG 5.52024-04-28
In the Linux kernel, the following vulnerability has been resolved: ice: Fix crash by keep old cfg when update TCs more than queues There are problems if allocated queues less than Traffic Classes. Commit a632b2a4c920 ("ice: ethtool: Pr…
- CVE-2022-48663MEDIUMCVSS 5.5EG 5.52024-04-28
In the Linux kernel, the following vulnerability has been resolved: gpio: mockup: fix NULL pointer dereference when removing debugfs We now remove the device's debugfs entries when unbinding the driver. This now causes a NULL-pointer der…
- CVE-2022-48688MEDIUMCVSS 5.5EG 5.52024-05-03
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during module removal The driver incorrectly frees client instance and subsequent i40e module removal leads to kernel crash. Reproducer: 1. Do et…
- CVE-2022-48692MEDIUMCVSS 5.5EG 5.52024-05-03
In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Set scmnd->result only when scmnd is not NULL This change fixes the following kernel NULL pointer dereference which is reproduced by blktests srp/007 occasiona…
- CVE-2022-48703MEDIUMCVSS 5.5EG 5.52024-05-03
In the Linux kernel, the following vulnerability has been resolved: thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR In some case, the GDDV returns a package with a buffer which has zero length. It causes that k…
- CVE-2022-48707MEDIUMCVSS 5.5EG 5.52024-05-21
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix null pointer dereference for resetting decoder Not all decoders have a reset callback. The CXL specification allows a host bridge with a single root por…
- CVE-2022-48708MEDIUMCVSS 5.5EG 5.52024-05-21
In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference Added checking of pointer "function" in pcs_set_mux(). pinmux_generic_get_function() can return NULL and the pointer "fun…
- CVE-2022-48710MEDIUMCVSS 5.5EG 5.52024-05-21
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix a possible null pointer dereference In radeon_fp_native_mode(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL p…
- CVE-2022-48713MEDIUMCVSS 5.5EG 5.52024-06-20
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/pt: Fix crash with stop filters in single-range mode Add a check for !buf->single before calling pt_buffer_region_size in a place where a missing check ca…
- CVE-2022-48718MEDIUMCVSS 5.5EG 5.52024-06-20
In the Linux kernel, the following vulnerability has been resolved: drm: mxsfb: Fix NULL pointer dereference mxsfb should not ever dereference the NULL pointer which drm_atomic_get_new_bridge_state is allowed to return. Assume a fixed fo…
- CVE-2022-48728MEDIUMCVSS 5.5EG 5.52024-06-20
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix AIP early init panic An early failure in hfi1_ipoib_setup_rn() can lead to the following panic: BUG: unable to handle kernel NULL pointer dereference at …
- CVE-2022-48735HIGHCVSS 7.8EG 7.82024-06-20
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix UAF of leds class devs at unbinding The LED class devices that are created by HD-audio codec drivers are registered via devm_led_classdev_register() and a…
- CVE-2022-48741MEDIUMCVSS 5.5EG 5.52024-06-20
In the Linux kernel, the following vulnerability has been resolved: ovl: fix NULL pointer dereference in copy up warning This patch is fixing a NULL pointer dereference to get a recently introduced warning message working.
- CVE-2022-48746MEDIUMCVSS 5.5EG 5.52024-06-20
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix handling of wrong devices during bond netevent Current implementation of bond netevent handler only check if the handled netdev is VF representor and it m…
- CVE-2022-48749MEDIUMCVSS 5.5EG 5.52024-06-20
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc The function performs a check on the "ctx" input parameter, however, it is used before the check. Initialize …
- CVE-2022-48750MEDIUMCVSS 5.5EG 5.52024-06-20
In the Linux kernel, the following vulnerability has been resolved: hwmon: (nct6775) Fix crash in clear_caseopen Paweł Marciniak reports the following crash, observed when clearing the chassis intrusion alarm. BUG: kernel NULL pointer …
- CVE-2022-48751MEDIUMCVSS 4.7EG 4.72024-06-20
In the Linux kernel, the following vulnerability has been resolved: net/smc: Transitional solution for clcsock race issue We encountered a crash in smc_setsockopt() and it is caused by accessing smc->clcsock after clcsock was released. …
- CVE-2022-48756MEDIUMCVSS 5.5EG 5.52024-06-20
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable The function performs a check on the "phy" input parameter, however, it is used before the check. Initialize …
- CVE-2022-48762MEDIUMCVSS 6.2EG 6.22024-06-20
In the Linux kernel, the following vulnerability has been resolved: arm64: extable: fix load_unaligned_zeropad() reg indices In ex_handler_load_unaligned_zeropad() we erroneously extract the data and addr register indices from ex->type r…
- CVE-2022-48770MEDIUMCVSS 5.5EG 5.52024-06-20
In the Linux kernel, the following vulnerability has been resolved: bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack() task_pt_regs() can return NULL on powerpc for kernel threads. This is then used in __bpf_get_stack() to…
Map vulnerabilities like CWE-476 to your infrastructure
EchelonGraph correlates every CVE — across CWE-476 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →