CWE-476 (NULL Pointer Dereference) — Vulnerability Class 1138

1138 vulnerabilities classified as CWE-476 (NULL Pointer Dereference). AI Chinese analysis included.

CWE-476 is a critical memory management weakness in which software accesses memory through a pointer that holds NULL instead of a valid address. It typically occurs when a function fails to allocate memory or validate input, and the calling code dereferences the resulting NULL pointer without checking it. Attackers exploit the weakness by triggering the NULL condition, which usually crashes the application and results in a denial of service. In rarer cases, where address 0x0 is accessible to privileged code, a NULL dereference may lead to arbitrary code execution or privilege escalation. To prevent this, developers must validate every pointer before use and ensure it is not NULL. Defensive programming practices, such as assertions during development and comprehensive error handling in production, help mitigate the risk of dereferencing invalid memory addresses.

MITRE CWE Description
The product dereferences a pointer that it expects to be valid but is NULL.
Common Consequences (2)
Availability · DoS: Crash, Exit, or Restart
NULL pointer dereferences usually result in the failure of the process unless exception handling (on some platforms) is available and implemented. Even when exception handling is being used, it can still be very difficult to return the software to a safe state of operation.
Integrity, Confidentiality · Execute Unauthorized Code or Commands, Read Memory, Modify Memory
In rare circumstances, when NULL is equivalent to the 0x0 memory address and privileged code can access it, then writing or reading memory is possible, which may lead to code execution.
Mitigations (5)
Implementation: For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].
Requirements: Select a programming language that is not susceptible to these issues.
Implementation: Check the results of all functions that return a value and verify that the value is non-null before acting upon it.
Effectiveness: Moderate
Architecture and Design: Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Implementation: Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.
Examples (2)
This example takes an IP address from a user, verifies that it is well formed and then looks up the hostname and copies it into a buffer.
void host_lookup(char *user_supplied_addr){
    struct hostent *hp;
    in_addr_t *addr;
    char hostname[64];
    in_addr_t inet_addr(const char *cp);

    /*routine that ensures user_supplied_addr is in the right format for conversion */
    validate_addr_form(user_supplied_addr);
    addr = inet_addr(user_supplied_addr);
    hp = gethostbyaddr( addr, sizeof(struct in_addr), AF_INET);
    strcpy(hostname, hp->h_name);
}
Bad · C
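A hardened counterpart to the lookup above, added here as an illustration; it is not part of the MITRE entry or of this page's original code. The names host_lookup_checked, hl_status, resolver_fn and the two stubs are assumptions, and inet_pton stands in for the validate_addr_form/inet_addr pair so that a failed parse is visible to the caller.

```c
#include <arpa/inet.h>
#include <netdb.h>
#include <stdio.h>
#include <string.h>

enum hl_status { HL_OK, HL_BAD_ARG, HL_BAD_ADDR, HL_NOT_FOUND, HL_TOO_LONG };

/* Same shape as gethostbyaddr(3), so the real resolver or a stub fits. */
typedef struct hostent *(*resolver_fn)(const void *, socklen_t, int);

/* Hardened lookup: each pointer that can be NULL is checked before use. */
enum hl_status host_lookup_checked(const char *text, char *out, size_t out_len,
                                   resolver_fn resolve)
{
    struct in_addr addr;
    if (text == NULL || out == NULL || out_len == 0 || resolve == NULL)
        return HL_BAD_ARG;
    out[0] = '\0';
    if (inet_pton(AF_INET, text, &addr) != 1)  /* malformed address text */
        return HL_BAD_ADDR;
    struct hostent *hp = resolve(&addr, sizeof addr, AF_INET);
    if (hp == NULL || hp->h_name == NULL)      /* well formed, but no host entry */
        return HL_NOT_FOUND;
    size_t n = strlen(hp->h_name);
    if (n >= out_len)                          /* bounded copy instead of strcpy */
        return HL_TOO_LONG;
    memcpy(out, hp->h_name, n + 1);
    return HL_OK;
}

/* Constructed stubs standing in for DNS so the example runs offline. */
static struct hostent *stub_no_record(const void *a, socklen_t l, int t)
{ (void)a; (void)l; (void)t; return NULL; }
static struct hostent *stub_found(const void *a, socklen_t l, int t)
{
    static char name[] = "host.example.test";
    static struct hostent he = { .h_name = name };
    (void)a; (void)l; (void)t;
    return &he;
}

int main(void)
{
    char h[64];
    int miss = host_lookup_checked("192.0.2.10", h, sizeof h, stub_no_record);
    int hit = host_lookup_checked("192.0.2.10", h, sizeof h, stub_found);
    printf("%d %d %s\n", miss, hit, h);
    return 0;
}
```

Passing gethostbyaddr itself as the resolve argument gives the production behaviour; the stubs only make the NULL-return path reproducible.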
In the following code, the programmer assumes that the system always has a property named "cmd" defined. If an attacker can control the program's environment so that "cmd" is not defined, the program throws a NULL pointer exception when it attempts to call the trim() method.
String cmd = System.getProperty("cmd");
cmd = cmd.trim();
Bad · Java
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-12661 | IObit Advanced SystemCare Utimate IOCTL AscRegistryFilter.sys 0x8001E024 null pointer dereference — Advanced SystemCare Utimate | 5.5 | Medium | 2024-12-16 |
| CVE-2024-12660 | IObit Advanced SystemCare Utimate IOCTL AscRegistryFilter.sys 0x8001E018 null pointer dereference — Advanced SystemCare Utimate | 5.5 | Medium | 2024-12-16 |
| CVE-2024-12659 | IObit Advanced SystemCare Utimate IOCTL AscRegistryFilter.sys 0x8001E004 null pointer dereference — Advanced SystemCare Utimate | 5.5 | Medium | 2024-12-16 |
| CVE-2024-12658 | IObit Advanced SystemCare Utimate IOCTL AscRegistryFilter.sys 0x8001E01C null pointer dereference — Advanced SystemCare Utimate | 5.5 | Medium | 2024-12-16 |
| CVE-2024-12657 | IObit Advanced SystemCare Utimate IOCTL AscRegistryFilter.sys 0x8001E000 null pointer dereference — Advanced SystemCare Utimate | 5.5 | Medium | 2024-12-16 |
| CVE-2024-12656 | FabulaTech USB over Network IOCT ftusbbus2.sys 0x220448 null pointer dereference — USB over Network | 5.5 | Medium | 2024-12-16 |
| CVE-2024-12655 | FabulaTech USB over Network IOCT ftusbbus2.sys 0x220420 null pointer dereference — USB over Network | 5.5 | Medium | 2024-12-16 |
| CVE-2024-12654 | FabulaTech USB over Network IOCT ftusbbus2.sys 0x220408 null pointer dereference — USB over Network | 5.5 | Medium | 2024-12-16 |
| CVE-2024-12653 | FabulaTech USB over Network IOCT ftusbbus2.sys 0x22040C null pointer dereference — USB over Network | 5.5 | Medium | 2024-12-16 |
| CVE-2024-47835 | GHSL-2024-263: Gstreamer NULL-pointer dereference in LRC subtitle parser — gstreamer | 5.5 | - | 2024-12-11 |
| CVE-2024-47613 | GHSL-2024-118: GStreamer has a null pointer dereference in gst_gdk_pixbuf_dec_flush — gstreamer | 7.1 | - | 2024-12-11 |
| CVE-2024-47603 | GHSL-2024-251: GStreamer NULL-pointer dereference in Matroska/WebM demuxer — gstreamer | 5.5 | - | 2024-12-11 |
| CVE-2024-47602 | GHSL-2024-250: Streamer NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer — gstreamer | 5.5 | - | 2024-12-11 |
| CVE-2024-47601 | GHSL-2024-249: GStreamer has a NULL-pointer dereference in Matroska/WebM demuxer — gstreamer | 5.5 | - | 2024-12-11 |
| CVE-2024-47599 | GHSL-2024-247: GStreamer Insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences — gstreamer | 5.5 | - | 2024-12-11 |
| CVE-2024-47544 | GHSL-2024-238: GStreamer has NULL-pointer dereferences in MP4/MOV demuxer CENC handling — gstreamer | 5.5 | - | 2024-12-11 |
| CVE-2024-47542 | GHSL-2024-235: GStreamer ID3v2 parser out-of-bounds read and NULL-pointer dereference — gstreamer | 5.5 | - | 2024-12-11 |
| CVE-2024-52833 | Substance3D - Modeler \| NULL Pointer Dereference (CWE-476) — Substance3D - Modeler | 5.5 | Medium | 2024-12-10 |
| CVE-2024-53006 | Substance3D - Modeler \| NULL Pointer Dereference (CWE-476) — Substance3D - Modeler | 5.5 | Medium | 2024-12-10 |
| CVE-2024-53952 | InDesign Desktop \| NULL Pointer Dereference (CWE-476) — InDesign Desktop | 5.5 | Medium | 2024-12-10 |
| CVE-2024-45156 | Animate \| NULL Pointer Dereference (CWE-476) — Animate | 7.8 | High | 2024-12-10 |
| CVE-2024-49554 | Media Encoder \| NULL Pointer Dereference (CWE-476) — Media Encoder | 5.5 | Medium | 2024-12-10 |
| CVE-2024-49531 | Acrobat Reader \| NULL Pointer Dereference (CWE-476) — Acrobat Reader | 5.5 | Medium | 2024-12-10 |
| CVE-2024-49121 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability — Windows 10 Version 1809 | 7.5 | High | 2024-12-10 |
| CVE-2024-11148 | OpenBSD httpd(8) null dereference — OpenBSD | 7.5 | High | 2024-12-05 |
| CVE-2024-54130 | Segmentation Fault in `forwardBundle` Function of ION-DTN BPv7 When Destination EID is `dtn:none` (public) — ION-DTN | 7.5 | - | 2024-12-05 |
| CVE-2024-12227 | MSI Dragon Center IOCTL NTIOLib_X64.sys MmUnMapIoSpace null pointer dereference — Dragon Center | 5.5 | Medium | 2024-12-05 |
| CVE-2024-52546 | Lorex 2K Indoor Wi-Fi Security Camera - Null pointer dereference — 2K Indoor Wi-Fi Security Camera | 5.3 | Medium | 2024-12-03 |
| CVE-2024-12002 | Tenda FH451/FH1201/FH1202/FH1206 GetIPTV websReadEvent null pointer dereference — FH451 | 4.3 | Medium | 2024-11-30 |
| CVE-2024-11650 | Tenda i9 GetIPTV websReadEvent null pointer dereference — i9 | 6.5 | Medium | 2024-11-25 |

Vulnerabilities classified as CWE-476 (NULL Pointer Dereference) represent 1138 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.