CWE-416
AllowedUse After Free
Abstraction: Variant · Status: Stable
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
9821 vulnerabilities reference this CWE, most recent first.
GHSA-2HQ5-5VH4-F96J
Vulnerability from github – Published: 2022-04-06 00:01 – Updated: 2022-04-09 00:00Use after free in Web Search in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via profile destruction.
{
"affected": [],
"aliases": [
"CVE-2022-0456"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-04-05T01:15:00Z",
"severity": "HIGH"
},
"details": "Use after free in Web Search in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via profile destruction.",
"id": "GHSA-2hq5-5vh4-f96j",
"modified": "2022-04-09T00:00:33Z",
"published": "2022-04-06T00:01:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0456"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html"
},
{
"type": "WEB",
"url": "https://crbug.com/1289523"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2HRR-R3HG-FJC2
Vulnerability from github – Published: 2022-05-24 21:59 – Updated: 2025-11-25 18:32A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
{
"affected": [],
"aliases": [
"CVE-2019-9790"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-04-26T17:29:00Z",
"severity": "CRITICAL"
},
"details": "A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60.6, Firefox ESR \u003c 60.6, and Firefox \u003c 66.",
"id": "GHSA-2hrr-r3hg-fjc2",
"modified": "2025-11-25T18:32:15Z",
"published": "2022-05-24T21:59:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9790"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:0966"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:1144"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1525145"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-07"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-08"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-11"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2HV4-552M-4MW7
Vulnerability from github – Published: 2022-05-14 03:10 – Updated: 2025-11-25 18:32A use-after-free vulnerability during specific user interactions with the input method editor (IME) in some languages due to how events are handled. This results in a potentially exploitable crash but would require specific user interaction to trigger. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
{
"affected": [],
"aliases": [
"CVE-2017-7752"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-06-11T21:29:00Z",
"severity": "HIGH"
},
"details": "A use-after-free vulnerability during specific user interactions with the input method editor (IME) in some languages due to how events are handled. This results in a potentially exploitable crash but would require specific user interaction to trigger. This vulnerability affects Firefox \u003c 54, Firefox ESR \u003c 52.2, and Thunderbird \u003c 52.2.",
"id": "GHSA-2hv4-552m-4mw7",
"modified": "2025-11-25T18:32:08Z",
"published": "2022-05-14T03:10:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7752"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:1440"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:1561"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1359547"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2017/dsa-3881"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2017/dsa-3918"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2017-15"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2017-16"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2017-17"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/99057"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1038689"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2HVG-8MMR-F5MC
Vulnerability from github – Published: 2026-04-24 15:32 – Updated: 2026-06-01 18:31In the Linux kernel, the following vulnerability has been resolved:
media: em28xx: fix use-after-free in em28xx_v4l2_open()
em28xx_v4l2_open() reads dev->v4l2 without holding dev->lock, creating a race with em28xx_v4l2_init()'s error path and em28xx_v4l2_fini(), both of which free the em28xx_v4l2 struct and set dev->v4l2 to NULL under dev->lock.
This race leads to two issues: - use-after-free in v4l2_fh_init() when accessing vdev->ctrl_handler, since the video_device is embedded in the freed em28xx_v4l2 struct. - NULL pointer dereference in em28xx_resolution_set() when accessing v4l2->norm, since dev->v4l2 has been set to NULL.
Fix this by moving the mutex_lock() before the dev->v4l2 read and adding a NULL check for dev->v4l2 under the lock.
{
"affected": [],
"aliases": [
"CVE-2026-31583"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-24T15:16:33Z",
"severity": "HIGH"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: em28xx: fix use-after-free in em28xx_v4l2_open()\n\nem28xx_v4l2_open() reads dev-\u003ev4l2 without holding dev-\u003elock,\ncreating a race with em28xx_v4l2_init()\u0027s error path and\nem28xx_v4l2_fini(), both of which free the em28xx_v4l2 struct\nand set dev-\u003ev4l2 to NULL under dev-\u003elock.\n\nThis race leads to two issues:\n - use-after-free in v4l2_fh_init() when accessing vdev-\u003ectrl_handler,\n since the video_device is embedded in the freed em28xx_v4l2 struct.\n - NULL pointer dereference in em28xx_resolution_set() when accessing\n v4l2-\u003enorm, since dev-\u003ev4l2 has been set to NULL.\n\nFix this by moving the mutex_lock() before the dev-\u003ev4l2 read and\nadding a NULL check for dev-\u003ev4l2 under the lock.",
"id": "GHSA-2hvg-8mmr-f5mc",
"modified": "2026-06-01T18:31:25Z",
"published": "2026-04-24T15:32:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31583"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2cbf81f76842e46bdf25823c70e1db4044a65678"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/38a327221f7f765e7d853b7bafe47e342441ec85"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3c0283a59e36e3707c4a81f4952e362d31f876b8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5fb2940327722b4684d2f964b54c1c90aa277324"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6b9e66437cc6123ddedac141e1b8b6fcf57d2972"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/871b8ea8ef39a6c253594649f4339378fad3d0dd"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a66485a934c7187ae8e36517d40615fa2e961cff"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b5d141ea15f173f15b9f0a72965902f3428c0d92"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/dd2b888e08d3b3d6aacd65d76cd44fac11da750f"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2HWQ-HRJC-WWR4
Vulnerability from github – Published: 2022-05-24 16:47 – Updated: 2024-04-04 00:54An invalid read of 8 bytes due to a use-after-free vulnerability in the mg_http_free_proto_data_cgi function call in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service (application crash) or remote code execution.
{
"affected": [],
"aliases": [
"CVE-2018-20356"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-06-10T17:29:00Z",
"severity": "CRITICAL"
},
"details": "An invalid read of 8 bytes due to a use-after-free vulnerability in the mg_http_free_proto_data_cgi function call in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service (application crash) or remote code execution.",
"id": "GHSA-2hwq-hrjc-wwr4",
"modified": "2024-04-04T00:54:50Z",
"published": "2022-05-24T16:47:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20356"
},
{
"type": "WEB",
"url": "https://github.com/insi2304/mongoose-6.13-fuzz/blob/master/Simplest_Web_Server_Use_After_Free-read_mg_http_free_proto_data_cgi.png"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2HWR-P3MH-H7F6
Vulnerability from github – Published: 2025-09-15 15:31 – Updated: 2025-11-24 21:30In the Linux kernel, the following vulnerability has been resolved:
sctp: handle the error returned from sctp_auth_asoc_init_active_key
When it returns an error from sctp_auth_asoc_init_active_key(), the active_key is actually not updated. The old sh_key will be freeed while it's still used as active key in asoc. Then an use-after-free will be triggered when sending patckets, as found by syzbot:
sctp_auth_shkey_hold+0x22/0xa0 net/sctp/auth.c:112 sctp_set_owner_w net/sctp/socket.c:132 [inline] sctp_sendmsg_to_asoc+0xbd5/0x1a20 net/sctp/socket.c:1863 sctp_sendmsg+0x1053/0x1d50 net/sctp/socket.c:2025 inet_sendmsg+0x99/0xe0 net/ipv4/af_inet.c:819 sock_sendmsg_nosec net/socket.c:714 [inline] sock_sendmsg+0xcf/0x120 net/socket.c:734
This patch is to fix it by not replacing the sh_key when it returns errors from sctp_auth_asoc_init_active_key() in sctp_auth_set_key(). For sctp_auth_set_active_key(), old active_key_id will be set back to asoc->active_key_id when the same thing happens.
{
"affected": [],
"aliases": [
"CVE-2022-50243"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-15T14:15:34Z",
"severity": "HIGH"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: handle the error returned from sctp_auth_asoc_init_active_key\n\nWhen it returns an error from sctp_auth_asoc_init_active_key(), the\nactive_key is actually not updated. The old sh_key will be freeed\nwhile it\u0027s still used as active key in asoc. Then an use-after-free\nwill be triggered when sending patckets, as found by syzbot:\n\n sctp_auth_shkey_hold+0x22/0xa0 net/sctp/auth.c:112\n sctp_set_owner_w net/sctp/socket.c:132 [inline]\n sctp_sendmsg_to_asoc+0xbd5/0x1a20 net/sctp/socket.c:1863\n sctp_sendmsg+0x1053/0x1d50 net/sctp/socket.c:2025\n inet_sendmsg+0x99/0xe0 net/ipv4/af_inet.c:819\n sock_sendmsg_nosec net/socket.c:714 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:734\n\nThis patch is to fix it by not replacing the sh_key when it returns\nerrors from sctp_auth_asoc_init_active_key() in sctp_auth_set_key().\nFor sctp_auth_set_active_key(), old active_key_id will be set back\nto asoc-\u003eactive_key_id when the same thing happens.",
"id": "GHSA-2hwr-p3mh-h7f6",
"modified": "2025-11-24T21:30:56Z",
"published": "2025-09-15T15:31:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50243"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/022152aaebe116a25c39818a07e175a8cd3c1e11"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0f90099d18e3abdc01babf686f41f63fe04939c1"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/19d636b663e0e92951bba5fced929ca7fd25c552"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/382ff44716603a54f5fd238ddec6a2468e217612"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3b0fcf5e29c0940e1169ce9c44f73edd98bdf12d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b8fa99a3a11bdd77fef6b4a97f1021eb30b5ba40"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f65955340e0044f5c41ac799a01698ac7dee8a4e"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2J29-6F2F-79FX
Vulnerability from github – Published: 2026-06-15 21:30 – Updated: 2026-06-15 21:30A heap use-after-free in the gf_node_get_tag function (scenegraph/base_scenegraph.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
{
"affected": [],
"aliases": [
"CVE-2025-55644"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-15T20:16:23Z",
"severity": "MODERATE"
},
"details": "A heap use-after-free in the gf_node_get_tag function (scenegraph/base_scenegraph.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.",
"id": "GHSA-2j29-6f2f-79fx",
"modified": "2026-06-15T21:30:37Z",
"published": "2026-06-15T21:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55644"
},
{
"type": "WEB",
"url": "https://infosec.exchange/@sigdevel/116736836762980573"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2026/06/13/3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2J2W-8GVJ-WJMJ
Vulnerability from github – Published: 2023-07-11 12:30 – Updated: 2024-04-04 05:56A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas (VMAs) is incorrect, leading to use-after-free problems. This issue can be successfully exploited to execute arbitrary kernel code, escalate containers, and gain root privileges.
{
"affected": [],
"aliases": [
"CVE-2023-3269"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-07-11T12:15:10Z",
"severity": "HIGH"
},
"details": "A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas (VMAs) is incorrect, leading to use-after-free problems. This issue can be successfully exploited to execute arbitrary kernel code, escalate containers, and gain root privileges.",
"id": "GHSA-2j2w-8gvj-wjmj",
"modified": "2024-04-04T05:56:14Z",
"published": "2023-07-11T12:30:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3269"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2023-3269"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215268"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6AAA64CUPSMBW6XDTXPQJ3KQWYQ4K7L"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20230908-0001"
},
{
"type": "WEB",
"url": "https://www.openwall.com/lists/oss-security/2023/07/05/1"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2023/Jul/43"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/07/28/1"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/08/25/1"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/08/25/4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2J4W-P7QH-8G4G
Vulnerability from github – Published: 2022-07-28 00:00 – Updated: 2022-08-04 00:00Use after free in Tablet Mode in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific user interactions.
{
"affected": [],
"aliases": [
"CVE-2022-1866"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-27T22:15:00Z",
"severity": "HIGH"
},
"details": "Use after free in Tablet Mode in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific user interactions.",
"id": "GHSA-2j4w-p7qh-8g4g",
"modified": "2022-08-04T00:00:23Z",
"published": "2022-07-28T00:00:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1866"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2022/05/stable-channel-update-for-desktop_24.html"
},
{
"type": "WEB",
"url": "https://crbug.com/1292264"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202208-25"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2J56-FCWX-7Q33
Vulnerability from github – Published: 2022-05-14 01:57 – Updated: 2022-05-14 01:57An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
{
"affected": [],
"aliases": [
"CVE-2018-16295"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-10-08T16:29:00Z",
"severity": "HIGH"
},
"details": "An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.",
"id": "GHSA-2j56-fcwx-7q33",
"modified": "2022-05-14T01:57:31Z",
"published": "2022-05-14T01:57:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16295"
},
{
"type": "WEB",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1041769"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
Strategy: Language Selection
Choose a language that provides automatic memory management.
Mitigation
Strategy: Attack Surface Reduction
When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.
No CAPEC attack patterns related to this CWE.