Common Weakness Enumeration

CWE-416

Allowed

Use After Free

Abstraction: Variant · Status: Stable

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

9811 vulnerabilities reference this CWE, most recent first.

GHSA-222X-4QHM-7H5F

Vulnerability from github – Published: 2023-02-28 15:30 – Updated: 2023-03-10 06:30
VLAI
Details

There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege. There is a use-after-free bug of icsk_ulp_data of a struct inet_connection_sock. When CONFIG_TLS is enabled, user can install a tls context (struct tls_context) on a connected tcp socket. The context is not cleared if this socket is disconnected and reused as a listener. If a new socket is created from the listener, the context is inherited and vulnerable. The setsockopt TCP_ULP operation does not require any privilege. We recommend upgrading past commit 2c02d41d71f90a5168391b6a5f2954112ba2307c

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-0461"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-02-28T15:15:00Z",
    "severity": "HIGH"
  },
  "details": "There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege. There is a use-after-free bug of icsk_ulp_data of a struct inet_connection_sock. When CONFIG_TLS is enabled, user can install a tls context (struct tls_context) on a connected tcp socket. The context is not cleared if this socket is disconnected and reused as a listener. If a new socket is created from the listener, the context is inherited and vulnerable. The setsockopt TCP_ULP operation does not require any privilege. We recommend upgrading past commit 2c02d41d71f90a5168391b6a5f2954112ba2307c",
  "id": "GHSA-222x-4qhm-7h5f",
  "modified": "2023-03-10T06:30:21Z",
  "published": "2023-02-28T15:30:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0461"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2c02d41d71f90a5168391b6a5f2954112ba2307c"
    },
    {
      "type": "WEB",
      "url": "https://kernel.dance/#2c02d41d71f90a5168391b6a5f2954112ba2307c"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2237-W692-94PV

Vulnerability from github – Published: 2022-05-24 16:55 – Updated: 2024-04-04 01:53
VLAI
Details

libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-15890"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-09-06T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.",
  "id": "GHSA-2237-w692-94pv",
  "modified": "2024-04-04T01:53:28Z",
  "published": "2022-05-24T16:55:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15890"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0775"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/c5927943"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/bugtraq/2020/Feb/0"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4191-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4191-2"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2020/dsa-4616"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2019/09/06/3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2252-87PV-34G4

Vulnerability from github – Published: 2024-04-04 09:30 – Updated: 2024-12-20 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: Avoid potential use-after-free in hci_error_reset

While handling the HCI_EV_HARDWARE_ERROR event, if the underlying BT controller is not responding, the GPIO reset mechanism would free the hci_dev and lead to a use-after-free in hci_error_reset.

Here's the call trace observed on a ChromeOS device with Intel AX201: queue_work_on+0x3e/0x6c __hci_cmd_sync_sk+0x2ee/0x4c0 [bluetooth ] ? init_wait_entry+0x31/0x31 __hci_cmd_sync+0x16/0x20 [bluetooth ] hci_error_reset+0x4f/0xa4 [bluetooth ] process_one_work+0x1d8/0x33f worker_thread+0x21b/0x373 kthread+0x13a/0x152 ? pr_cont_work+0x54/0x54 ? kthread_blkcg+0x31/0x31 ret_from_fork+0x1f/0x30

This patch holds the reference count on the hci_dev while processing a HCI_EV_HARDWARE_ERROR event to avoid potential crash.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-26801"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-04T09:15:09Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Avoid potential use-after-free in hci_error_reset\n\nWhile handling the HCI_EV_HARDWARE_ERROR event, if the underlying\nBT controller is not responding, the GPIO reset mechanism would\nfree the hci_dev and lead to a use-after-free in hci_error_reset.\n\nHere\u0027s the call trace observed on a ChromeOS device with Intel AX201:\n   queue_work_on+0x3e/0x6c\n   __hci_cmd_sync_sk+0x2ee/0x4c0 [bluetooth \u003cHASH:3b4a6\u003e]\n   ? init_wait_entry+0x31/0x31\n   __hci_cmd_sync+0x16/0x20 [bluetooth \u003cHASH:3b4a 6\u003e]\n   hci_error_reset+0x4f/0xa4 [bluetooth \u003cHASH:3b4a 6\u003e]\n   process_one_work+0x1d8/0x33f\n   worker_thread+0x21b/0x373\n   kthread+0x13a/0x152\n   ? pr_cont_work+0x54/0x54\n   ? kthread_blkcg+0x31/0x31\n    ret_from_fork+0x1f/0x30\n\nThis patch holds the reference count on the hci_dev while processing\na HCI_EV_HARDWARE_ERROR event to avoid potential crash.",
  "id": "GHSA-2252-87pv-34g4",
  "modified": "2024-12-20T18:31:29Z",
  "published": "2024-04-04T09:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26801"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2449007d3f73b2842c9734f45f0aadb522daf592"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2ab9a19d896f5a0dd386e1f001c5309bc35f433b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/45085686b9559bfbe3a4f41d3d695a520668f5e1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6dd0a9dfa99f8990a08eb8fdd8e79bee31c7d8e2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/98fb98fd37e42fd4ce13ff657ea64503e24b6090"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/da4569d450b193e39e87119fd316c0291b585d14"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/dd594cdc24f2e48dab441732e6dfcafd6b0711d1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e0b278650f07acf2e0932149183458468a731c03"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-225G-RRJ9-X694

Vulnerability from github – Published: 2022-05-14 01:06 – Updated: 2022-05-14 01:06
VLAI
Details

The decompileIF function (util/decompile.c) in libming through 0.4.8 is vulnerable to a use-after-free, which may allow attackers to cause a denial of service or unspecified other impact via a crafted SWF file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-6359"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-01-27T21:29:00Z",
    "severity": "HIGH"
  },
  "details": "The decompileIF function (util/decompile.c) in libming through 0.4.8 is vulnerable to a use-after-free, which may allow attackers to cause a denial of service or unspecified other impact via a crafted SWF file.",
  "id": "GHSA-225g-rrj9-x694",
  "modified": "2022-05-14T01:06:48Z",
  "published": "2022-05-14T01:06:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6359"
    },
    {
      "type": "WEB",
      "url": "https://github.com/libming/libming/issues/105"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00008.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201904-24"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/102856"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-225P-3JP7-Q6P8

Vulnerability from github – Published: 2023-07-06 19:24 – Updated: 2024-04-04 05:35
VLAI
Details

A use-after-free flaw was found in the Linux kernel’s Ext4 File System in how a user triggers several file operations simultaneously with the overlay FS usage. This flaw allows a local user to crash or potentially escalate their privileges on the system. Only if patch 9a2544037600 ("ovl: fix use after free in struct ovl_aio_req") not applied yet, the kernel could be affected.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-1252"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-03-23T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "A use-after-free flaw was found in the Linux kernel\u2019s Ext4 File System in how a user triggers several file operations simultaneously with the overlay FS usage. This flaw allows a local user to crash or potentially escalate their privileges on the system. Only if patch 9a2544037600 (\"ovl: fix use after free in struct ovl_aio_req\") not applied yet, the kernel could be affected.",
  "id": "GHSA-225p-3jp7-q6p8",
  "modified": "2024-04-04T05:35:08Z",
  "published": "2023-07-06T19:24:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1252"
    },
    {
      "type": "WEB",
      "url": "https://lore.kernel.org/lkml/20211115165433.449951285%40linuxfoundation.org"
    },
    {
      "type": "WEB",
      "url": "https://lore.kernel.org/lkml/20211115165433.449951285@linuxfoundation.org"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20230505-0005"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-225V-3R3M-379W

Vulnerability from github – Published: 2022-05-13 01:33 – Updated: 2022-05-13 01:33
VLAI
Details

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the attachIcon property of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6499.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-17634"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-01-24T04:29:00Z",
    "severity": "HIGH"
  },
  "details": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the attachIcon property of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6499.",
  "id": "GHSA-225v-3r3m-379w",
  "modified": "2022-05-13T01:33:59Z",
  "published": "2022-05-13T01:33:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17634"
    },
    {
      "type": "WEB",
      "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-1200"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2275-6765-H9PG

Vulnerability from github – Published: 2026-01-24 03:30 – Updated: 2026-01-26 18:31
VLAI
Details

A web page that contains unusual GPU shader code is loaded from the Internet into the GPU compiler process triggers a write use-after-free crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device.

The shader code contained in the web page executes a path in the compiler that held onto an out of date pointer, pointing to a freed memory object.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-13952"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-24T03:16:00Z",
    "severity": "CRITICAL"
  },
  "details": "A web page that contains unusual GPU shader code is loaded from the Internet into the GPU compiler process triggers a write use-after-free crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device.\n\nThe shader code contained in the web page executes a path in the compiler that held onto an out of date pointer, pointing to a freed memory object.",
  "id": "GHSA-2275-6765-h9pg",
  "modified": "2026-01-26T18:31:29Z",
  "published": "2026-01-24T03:30:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13952"
    },
    {
      "type": "WEB",
      "url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2289-HHFC-P684

Vulnerability from github – Published: 2026-03-11 12:31 – Updated: 2026-03-11 18:30
VLAI
Details

When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-3805"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-11T11:16:00Z",
    "severity": "HIGH"
  },
  "details": "When doing a second SMB request to the same host again, curl would wrongly use\na data pointer pointing into already freed memory.",
  "id": "GHSA-2289-hhfc-p684",
  "modified": "2026-03-11T18:30:31Z",
  "published": "2026-03-11T12:31:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3805"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/3591944"
    },
    {
      "type": "WEB",
      "url": "https://curl.se/docs/CVE-2026-3805.html"
    },
    {
      "type": "WEB",
      "url": "https://curl.se/docs/CVE-2026-3805.json"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2026/03/11/4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-228Q-26QQ-7H4M

Vulnerability from github – Published: 2022-07-19 00:00 – Updated: 2022-07-24 00:00
VLAI
Details

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16821.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-28680"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-07-18T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16821.",
  "id": "GHSA-228q-26qq-7h4m",
  "modified": "2022-07-24T00:00:35Z",
  "published": "2022-07-19T00:00:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28680"
    },
    {
      "type": "WEB",
      "url": "https://www.foxit.com/support/security-bulletins.html"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-771"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2292-859M-6PRP

Vulnerability from github – Published: 2024-03-03 00:30 – Updated: 2024-12-11 15:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

ieee802154: ca8210: Fix a potential UAF in ca8210_probe

If of_clk_add_provider() fails in ca8210_register_ext_clock(), it calls clk_unregister() to release priv->clk and returns an error. However, the caller ca8210_probe() then calls ca8210_remove(), where priv->clk is freed again in ca8210_unregister_ext_clock(). In this case, a use-after-free may happen in the second time we call clk_unregister().

Fix this by removing the first clk_unregister(). Also, priv->clk could be an error code on failure of clk_register_fixed_rate(). Use IS_ERR_OR_NULL to catch this case in ca8210_unregister_ext_clock().

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-52510"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-02T22:15:47Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nieee802154: ca8210: Fix a potential UAF in ca8210_probe\n\nIf of_clk_add_provider() fails in ca8210_register_ext_clock(),\nit calls clk_unregister() to release priv-\u003eclk and returns an\nerror. However, the caller ca8210_probe() then calls ca8210_remove(),\nwhere priv-\u003eclk is freed again in ca8210_unregister_ext_clock(). In\nthis case, a use-after-free may happen in the second time we call\nclk_unregister().\n\nFix this by removing the first clk_unregister(). Also, priv-\u003eclk could\nbe an error code on failure of clk_register_fixed_rate(). Use\nIS_ERR_OR_NULL to catch this case in ca8210_unregister_ext_clock().",
  "id": "GHSA-2292-859m-6prp",
  "modified": "2024-12-11T15:31:14Z",
  "published": "2024-03-03T00:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52510"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/217efe32a45249eb07dcd7197e8403de98345e66"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/28b68cba378e3e50a4082b65f262bc4f2c7c2add"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/55e06850c7894f00d41b767c5f5665459f83f58f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/84c6aa0ae5c4dc121f9996bb8fed46c80909d80e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/85c2857ef90041f567ce98722c1c342c4d31f4bc"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/becf5c147198f4345243c5df0c4f035415491640"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cdb46be93c1f7bbf2c4649e9fc5fb147cfb5245d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f990874b1c98fe8e57ee9385669f501822979258"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design

Strategy: Language Selection

Choose a language that provides automatic memory management.

Mitigation
Implementation

Strategy: Attack Surface Reduction

When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.

No CAPEC attack patterns related to this CWE.