SUSE CVE-2024-43860

In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxrproc: Skip over memory region when node value is NULL In imxrprocaddrinit "nph = ofcountphandlewithargs" just counts number of phandles. But phandles may be empty. So ofparsephandle in the parsing loop 0 a nph may...

CVE-2024-43860

In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxrproc: Skip over memory region when node value is NULL In imxrprocaddrinit "nph = ofcountphandlewithargs" just counts number of phandles. But phandles may be empty. So ofparsephandle in the parsing loop 0 a nph may...

CVE-2023-52744

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix potential NULL-ptr-dereference indevget can return NULL which will cause a failure once idev is dereferenced in indevforeachifartnl. This patch adds a check for NULL value in idev beforehand. Found by Linux...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a lack of NULL value checking...

NULL Pointer Dereference

ThreeTen Backport is vulnerable to NULL Pointer Dereference. The vulnerability is due to missing null value checks in the org.threeten.bp.LocalDate::compareToChronoLocalDate method, resulting in a NullPointerException if an attacker can pass a null value to the method...

BIT-MARIADB-2021-46664

MariaDB through 10.5.9 allows an application crash in subselectpostjoinaggr for a NULL value of aggr...

mariadb: MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr

MariaDB through 10.5.9 allows an application crash in subselectpostjoinaggr for a NULL value of aggr...

CVE-2023-20560

Insufficient validation of the IOCTL Input Output Control input buffer in AMD Ryzen™ Master may allow a privileged attacker to provide a null value potentially resulting in a Windows crash leading to denial of service...

CVE-2023-20560

The CVE-2023-20560 issue is an Intel IOCTL input buffer validation vulnerability in AMD Ryzen™ Master. The root cause is insufficient validation of the IOCTL input buffer in Ryzen Master, which could allow a privileged attacker to supply a null value, potentially causing a Windows crash and resul...

CLSA-2023-1680210210 Fix CVE(s): CVE-2022-47024

SECURITY UPDATE: No check if the return value of XCreateGC is NULL - debian/patches/CVE-2022-47024: Only use the return value when it is not NULL. - CVE-2022-47024...

SUSE CVE-2013-4143

The 1 checkPasswd and 2 checkGroupXlockPasswds functions in xlockmore before 5.43 do not properly handle when a NULL value is returned upon an error by the crypt or dispcrypt function as implemented in glibc 2.17 and later, which allows attackers to bypass the screen lock via vectors related to...

SUSE CVE-2017-9239

An issue was discovered in Exiv2 0.26. When the data structure of the structure ifd is incorrect, the program assigns pValue to 0x0, and the value of pValue is 0x0. TiffImageEntry::doWriteImage will use the value of pValue to cause a segmentation fault. To exploit this vulnerability, someone must...

SUSE CVE-2018-14884

An issue was discovered in PHP 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. Inappropriately parsing an HTTP response leads to a segmentation fault because httpheadervalue in ext/standard/httpfopenwrapper.c can be a NULL value that is mishandled in an atoi call...

SUSE CVE-2019-13296

ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value...

SUSE CVE-2020-13143

gadgetdevdescUDCstore in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4...

SUSE CVE-2022-41716

Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this behavi...

mariadb: MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr

MariaDB through 10.5.9 allows an application crash in subselectpostjoinaggr for a NULL value of aggr...

mariadb: MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr

MariaDB through 10.5.9 allows an application crash in subselectpostjoinaggr for a NULL value of aggr...

GHSA-CXWH-VMHG-39R2 Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Sling

The deepGetOrCreateNode function in impl/operations/AbstractCreateOperation.java in org.apache.sling.servlets.post.bundle 2.2.0 and 2.3.0 in Apache Sling does not properly handle a NULL value that returned when the session does not have permissions to the root node, which allows remote attackers ...

EUVD-2016-3597

ntpd in NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service ntpd abort by a large request data value, which triggers the ctlgetitem function to return a NULL value...