Vulnerabilities > NULL Pointer Dereference
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-06 | CVE-2024-58062 | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference When iterating over the links of a vif, we need to make sure that the pointer is valid (in other words - that the link exists) before dereferncing it. Use for_each_vif_active_link that also does the check. | 5.5 |
| 2025-03-06 | CVE-2024-58064 | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: tests: Fix potential NULL dereference in test_cfg80211_parse_colocated_ap() kunit_kzalloc() may return NULL, dereferencing it without NULL check may lead to NULL dereference. Add a NULL check for ies. | 5.5 |
| 2025-03-06 | CVE-2024-58065 | NULL Pointer Dereference vulnerability in Linux Kernel 6.13/6.13.1 In the Linux kernel, the following vulnerability has been resolved: clk: mmp: pxa1908-apbc: Fix NULL vs IS_ERR() check The devm_kzalloc() function returns NULL on error, not error pointers. Fix the check. | 5.5 |
| 2025-03-06 | CVE-2024-58066 | NULL Pointer Dereference vulnerability in Linux Kernel 6.13/6.13.1 In the Linux kernel, the following vulnerability has been resolved: clk: mmp: pxa1908-apbcp: Fix a NULL vs IS_ERR() check The devm_kzalloc() function doesn't return error pointers, it returns NULL on error. | 5.5 |
| 2025-03-06 | CVE-2024-58067 | NULL Pointer Dereference vulnerability in Linux Kernel 6.13/6.13.1 In the Linux kernel, the following vulnerability has been resolved: clk: mmp: pxa1908-mpmu: Fix a NULL vs IS_ERR() check The devm_kzalloc() function returns NULL on error, not error pointers. Update the check to match. | 5.5 |
| 2025-03-06 | CVE-2024-58068 | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized If a driver calls dev_pm_opp_find_bw_ceil/floor() the retrieve bandwidth from the OPP table but the bandwidth table was not created because the interconnect properties were missing in the OPP consumer node, the kernel will crash with: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000004 ... pc : _read_bw+0x8/0x10 lr : _opp_table_find_key+0x9c/0x174 ... Call trace: _read_bw+0x8/0x10 (P) _opp_table_find_key+0x9c/0x174 (L) _find_key+0x98/0x168 dev_pm_opp_find_bw_ceil+0x50/0x88 ... In order to fix the crash, create an assert function to check if the bandwidth table was created before trying to get a bandwidth with _read_bw(). | 5.5 |
| 2025-03-06 | CVE-2024-58073 | NULL Pointer Dereference vulnerability in Linux Kernel 6.13/6.13.1 In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check dpu_plane_atomic_print_state() for valid sspp Similar to the r_pipe sspp protect, add a check to protect the pipe state prints to avoid NULL ptr dereference for cases when the state is dumped without a corresponding atomic_check() where the pipe->sspp is assigned. Patchwork: https://patchwork.freedesktop.org/patch/628404/ | 5.5 |
| 2025-03-04 | CVE-2025-21084 | NULL Pointer Dereference vulnerability in Openatom Openharmony in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through through NULL pointer dereference.. | 7.8 |
| 2025-03-04 | CVE-2025-21097 | NULL Pointer Dereference vulnerability in Openatom Openharmony in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through NULL pointer dereference. | 5.5 |
| 2025-03-04 | CVE-2025-22837 | NULL Pointer Dereference vulnerability in Openatom Openharmony in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through NULL pointer dereference. | 5.5 |