CVE-2024-24856

MEDIUM Year: 2024
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-476
View all →

Vulnerability Description

The memory allocation function ACPI_ALLOCATE_ZEROED does not guarantee a successful allocation, but the subsequent code directly dereferences the pointer that receives it, which may lead to null pointer dereference. To fix this issue, a null pointer check should be added. If it is null, return exception code AE_NO_MEMORY.

Related Vulnerabilities

CVE-2017-1000360

MEDIUM
CVSS:5.3(Medium)

StreamCorruptedException and NullPointerException in OpenDaylight odl-mdsal-xsql. Controller launches exceptions in the console. Component: OpenDaylight odl-mdsal-xsql is vulnerable to this flaw. Vers...

CWE-4762017

CVE-2017-17251

MEDIUM
CVSS:5.3(Medium)

Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, ...

CWE-4762017

CVE-2017-18658

MEDIUM
CVSS:5.3(Medium)

An issue was discovered on Samsung mobile devices with M(6.0) software. The multiwindow_facade API allows attackers to cause a NullPointerException and system halt via an attempted screen touch of a n...

CWE-4762017

CVE-2018-0833

MEDIUM
CVSS:5.3(Medium)

The Microsoft Server Message Block 2.0 and 3.0 (SMBv2/SMBv3) client in Windows 8.1 and RT 8.1 and Windows Server 2012 R2 allows a denial of service vulnerability due to how specially crafted requests ...

CWE-4762018

CVE-2018-3841

MEDIUM
CVSS:5.3(Medium)

A denial-of-service vulnerability exists in the Pixar Renderman IT Display Service 21.6 (0x69). The vulnerability is present in the parsing of a network packet without proper validation of the packet....

CWE-4762018

CVE-2019-13161

MEDIUM
CVSS:5.3(Medium)

An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chan_sip wh...

CWE-4762019