
CWE-822 (Untrusted Pointer Dereference) — Vulnerability Class 172

172 vulnerabilities classified as CWE-822 (Untrusted Pointer Dereference). AI Chinese analysis included.

CWE-822 represents a critical memory safety weakness where software incorrectly interprets an untrusted input value as a valid memory address. This flaw typically arises when developers fail to validate or sanitize external data before casting it to a pointer type. Attackers exploit this vulnerability by supplying malicious pointer values that reference unintended memory regions. If the application dereferences this pointer for a write operation, the attacker can corrupt critical state variables, trigger a denial of service through a system crash, or potentially achieve arbitrary code execution by overwriting function pointers. To mitigate this risk, developers must implement rigorous input validation, ensuring that all external values are strictly checked against expected ranges and types before any pointer conversion occurs. Additionally, employing static analysis tools and memory-safe programming languages can help detect and prevent these dangerous dereferences during the development lifecycle.
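The following C sketch is an added example, not code from MITRE or from any product listed on this page. It contrasts the weak pattern with one common way to apply the "check before any pointer conversion" advice: issue opaque handles and look them up in a table the program owns. The `session` structure, the table size and all function names are hypothetical.

```c
#include <stdint.h>

/* Constructed example: the peer supplies a 64-bit "session" value in a request. */
struct session { uint32_t generation; int in_use; int privilege; };

#define MAX_SESSIONS 8
static struct session table[MAX_SESSIONS];

/* Weak pattern (CWE-822), for contrast only and never called here:
 * the untrusted value is converted to a pointer and dereferenced. */
int get_privilege_unsafe(uint64_t wire_value) {
    const struct session *s = (const struct session *)(uintptr_t)wire_value;
    return s->privilege;
}

/* Hardened pattern: the value handed out is an opaque handle,
 * (generation << 32) | index, and is never converted to a pointer. */
uint64_t session_open(int privilege) {
    for (uint32_t i = 0; i < MAX_SESSIONS; i++) {
        if (!table[i].in_use) {
            table[i].in_use = 1;
            table[i].generation++;   /* starts at 1 (32-bit wraparound ignored) */
            table[i].privilege = privilege;
            return ((uint64_t)table[i].generation << 32) | i;
        }
    }
    return 0;                        /* table full */
}

/* Returns 0 and fills *out only if the handle names a live slot we issued. */
int get_privilege_checked(uint64_t handle, int *out) {
    uint32_t index = (uint32_t)(handle & 0xffffffffu);
    uint32_t gen   = (uint32_t)(handle >> 32);
    if (index >= MAX_SESSIONS) return -1;              /* range check */
    const struct session *s = &table[index];
    if (!s->in_use || s->generation != gen) return -1; /* stale or forged */
    *out = s->privilege;
    return 0;
}

void session_close(uint64_t handle) {
    int unused;
    if (get_privilege_checked(handle, &unused) == 0)
        table[handle & 0xffffffffu].in_use = 0;
}
```

The generation field makes a closed handle fail the lookup even after its slot is reused, which a bounds check alone would not catch.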

MITRE CWE Description
The product obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer. An attacker can supply a pointer for memory locations that the product is not expecting. If the pointer is dereferenced for a write operation, the attack might allow modification of critical state variables, cause a crash, or execute code. If the dereferencing operation is for a read, then the attack might allow reading of sensitive data, cause a crash, or set a variable to an unexpected value (since the value will be read from an unexpected memory location).

There are several variants of this weakness, including but not necessarily limited to:

- The untrusted value is directly invoked as a function call.
- In OS kernels or drivers where there is a boundary between "userland" and privileged memory spaces, an untrusted pointer might enter through an API or system call (see CWE-781 for one such example).
- Inadvertently accepting the value from an untrusted control sphere when it did not have to be accepted as input at all. This might occur when the code was originally developed to be run by a single user in a non-networked environment, and the code is then ported to or otherwise exposed to a networked environment.

Common Consequences (3)
Scope: Confidentiality. Impact: Read Memory.
If the untrusted pointer is used in a read operation, an attacker might be able to read sensitive portions of memory.

Scope: Availability. Impact: DoS: Crash, Exit, or Restart.
If the untrusted pointer references a memory location that is not accessible to the product, or points to a location that is "malformed" or larger than expected by a read or write operation, the application may terminate unexpectedly.

Scope: Integrity, Confidentiality, Availability. Impact: Execute Unauthorized Code or Commands, Modify Memory.
If the untrusted pointer is used in a function call, or points to unexpected data in a write operation, then code execution may be possible.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-40872 | Elevation of privilege in Absolute Secure Access clients and servers — Secure Access | 8.4 | High | 2024-07-25 |
| CVE-2024-38104 | Windows Fax Service Remote Code Execution Vulnerability — Windows 10 Version 1809 | 8.8 | High | 2024-07-09 |
| CVE-2024-37969 | Secure Boot Security Feature Bypass Vulnerability — Windows 10 Version 1809 | 8.0 | High | 2024-07-09 |
| CVE-2024-0091 | CVE — GPU display driver, vGPU software, and Cloud Gaming | 7.8 | High | 2024-06-13 |
| CVE-2024-30090 | Microsoft Streaming Service Elevation of Privilege Vulnerability — Windows 10 Version 1809 | 7.0 | High | 2024-06-11 |
| CVE-2024-35250 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability — Windows 10 Version 1809 | 7.8 | High | 2024-06-11 |
| CVE-2023-40472 | PDF-XChange Editor JavaScript String Untrusted Pointer Dereference Remote Code Execution Vulnerability — PDF-XChange Editor | 7.8 | - | 2024-05-03 |
| CVE-2023-40471 | PDF-XChange Editor App Untrusted Pointer Dereference Remote Code Execution Vulnerability — PDF-XChange Editor | 7.8 | - | 2024-05-03 |
| CVE-2023-39501 | PDF-XChange Editor OXPS File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability — PDF-XChange Editor | 7.8 | - | 2024-05-03 |
| CVE-2023-35711 | Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability — Cobalt | 7.8 | - | 2024-05-03 |
| CVE-2023-34311 | Ashlar-Vellum Cobalt Untrusted Pointer Dereference Remote Code Execution Vulnerability — Cobalt | 7.8 | - | 2024-05-03 |
| CVE-2023-34309 | Ashlar-Vellum Cobalt Untrusted Pointer Dereference Remote Code Execution Vulnerability — Cobalt | 7.8 | - | 2024-05-03 |
| CVE-2023-34301 | Ashlar-Vellum Cobalt CO File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability — Cobalt | 7.8 | - | 2024-05-03 |
| CVE-2023-34300 | Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability — Cobalt | 7.8 | - | 2024-05-03 |
| CVE-2023-27342 | PDF-XChange Editor EMF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability — PDF-XChange Editor | 7.8 | - | 2024-05-03 |
| CVE-2024-26213 | Microsoft Brokering File System Elevation of Privilege Vulnerability — Windows Server 2022, 23H2 Edition (Server Core installation) | 7.0 | High | 2024-04-09 |
| CVE-2024-26254 | Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability — Windows 10 Version 1809 | 7.5 | High | 2024-04-09 |
| CVE-2024-26252 | Windows rndismp6.sys Remote Code Execution Vulnerability — Windows 10 Version 1809 | 6.8 | Medium | 2024-04-09 |
| CVE-2024-23136 | Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software — AutoCAD | 7.8 | High | 2024-02-22 |
| CVE-2024-21346 | Win32k Elevation of Privilege Vulnerability — Windows 11 version 21H2 | 7.8 | High | 2024-02-13 |
| CVE-2024-21338 | Windows Kernel Elevation of Privilege Vulnerability — Windows 10 Version 1809 | 7.8 | High | 2024-02-13 |
| CVE-2023-43532 | Untrusted Pointer Dereference in Display — Snapdragon | 8.4 | High | 2024-02-06 |
| CVE-2023-43518 | Untrusted Pointer Dereference in Video — Snapdragon | 7.3 | High | 2024-02-06 |
| CVE-2023-34333 | Untrusted Pointer Dereference — MegaRAC_SPx | 7.8 | High | 2024-01-09 |
| CVE-2023-34332 | Untrusted Pointer Dereference in BMC — MegaRAC_SPx | 7.8 | High | 2024-01-09 |
| CVE-2024-20664 | Microsoft Message Queuing Information Disclosure Vulnerability — Windows 10 Version 1809 | 6.5 | Medium | 2024-01-09 |
| CVE-2024-20663 | Windows Message Queuing Client (MSMQC) Information Disclosure — Windows 10 Version 1809 | 6.5 | Medium | 2024-01-09 |
| CVE-2024-20682 | Windows Cryptographic Services Remote Code Execution Vulnerability — Windows 10 Version 1809 | 7.8 | High | 2024-01-09 |
| CVE-2024-20680 | Windows Message Queuing Client (MSMQC) Information Disclosure — Windows 10 Version 1809 | 6.5 | Medium | 2024-01-09 |
| CVE-2023-36011 | Win32k Elevation of Privilege Vulnerability — Windows 10 Version 1809 | 7.8 | High | 2023-12-12 |

172 CVEs are classified as CWE-822 (Untrusted Pointer Dereference). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.