Common Weakness Enumeration

CWE-416

Allowed

Use After Free

Abstraction: Variant · Status: Stable

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

9821 vulnerabilities reference this CWE, most recent first.

GHSA-3J7R-2W3C-9CCR

Vulnerability from github – Published: 2022-05-24 17:48 – Updated: 2022-05-24 17:48
VLAI
Details

Use after free in Network API in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-21214"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-04-26T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "Use after free in Network API in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension.",
  "id": "GHSA-3j7r-2w3c-9ccr",
  "modified": "2022-05-24T17:48:50Z",
  "published": "2022-05-24T17:48:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21214"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html"
    },
    {
      "type": "WEB",
      "url": "https://crbug.com/1170148"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EAJ42L4JFPBJATCZ7MOZQTUDGV4OEHHG"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3GZ42MYPGD35V652ZPVPYYS7A7LVXVY"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VUZBGKGVZADNA3I24NVG7HAYYUTOSN5A"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202104-08"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2021/dsa-4906"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-3J8M-JCHC-W7PR

Vulnerability from github – Published: 2022-05-24 17:30 – Updated: 2022-05-24 17:30
VLAI
Details

The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamCreateFile Use after Free vulnerability via a crafted .ogg file. An attacker can exploit this to gain access to sensitive information that may aid in further attacks. A failure in exploitation leads to denial of service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-18794"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-10-16T13:15:00Z",
    "severity": "MODERATE"
  },
  "details": "The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamCreateFile Use after Free vulnerability via a crafted .ogg file. An attacker can exploit this to gain access to sensitive information that may aid in further attacks. A failure in exploitation leads to denial of service.",
  "id": "GHSA-3j8m-jchc-w7pr",
  "modified": "2022-05-24T17:30:49Z",
  "published": "2022-05-24T17:30:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18794"
    },
    {
      "type": "WEB",
      "url": "https://github.com/staufnic/CVE/tree/master/CVE-2019-18794"
    },
    {
      "type": "WEB",
      "url": "http://www.un4seen.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-3J9X-J374-VQ65

Vulnerability from github – Published: 2022-08-04 00:00 – Updated: 2022-08-10 00:00
VLAI
Details

In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-32293"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-08-03T14:15:00Z",
    "severity": "HIGH"
  },
  "details": "In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution.",
  "id": "GHSA-3j9x-j374-vq65",
  "modified": "2022-08-10T00:00:20Z",
  "published": "2022-08-04T00:00:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32293"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1200190"
    },
    {
      "type": "WEB",
      "url": "https://lore.kernel.org/connman/20220801080043.4861-1-wagi%40monom.org"
    },
    {
      "type": "WEB",
      "url": "https://lore.kernel.org/connman/20220801080043.4861-1-wagi@monom.org"
    },
    {
      "type": "WEB",
      "url": "https://lore.kernel.org/connman/20220801080043.4861-3-wagi%40monom.org"
    },
    {
      "type": "WEB",
      "url": "https://lore.kernel.org/connman/20220801080043.4861-3-wagi@monom.org"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202310-21"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2022/dsa-5231"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3JF8-X5QX-7GJM

Vulnerability from github – Published: 2022-07-19 00:00 – Updated: 2022-07-24 00:00
VLAI
Details

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16640.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-28672"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-07-18T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16640.",
  "id": "GHSA-3jf8-x5qx-7gjm",
  "modified": "2022-07-24T00:00:36Z",
  "published": "2022-07-19T00:00:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28672"
    },
    {
      "type": "WEB",
      "url": "https://www.foxit.com/support/security-bulletins.html"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-763"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3JF9-W25V-MFP4

Vulnerability from github – Published: 2024-06-11 18:30 – Updated: 2024-06-11 18:30
VLAI
Details

Microsoft Office Remote Code Execution Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-30102"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-11T17:15:59Z",
    "severity": "HIGH"
  },
  "details": "Microsoft Office Remote Code Execution Vulnerability",
  "id": "GHSA-3jf9-w25v-mfp4",
  "modified": "2024-06-11T18:30:49Z",
  "published": "2024-06-11T18:30:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30102"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30102"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3JHF-JGRG-MCW3

Vulnerability from github – Published: 2025-11-04 21:31 – Updated: 2025-11-05 00:31
VLAI
Details

An issue was discovered in the GPU driver in Samsung Mobile Processor Exynos 1480, 2400, 1580, 2500. There is a use-after-free in the Xclipse GPU Driver.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-54335"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-11-04T21:15:39Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in the GPU driver in Samsung Mobile Processor Exynos 1480, 2400, 1580, 2500. There is a use-after-free in the Xclipse GPU Driver.",
  "id": "GHSA-3jhf-jgrg-mcw3",
  "modified": "2025-11-05T00:31:33Z",
  "published": "2025-11-04T21:31:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54335"
    },
    {
      "type": "WEB",
      "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates"
    },
    {
      "type": "WEB",
      "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-54335"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3JP6-X76C-R4FV

Vulnerability from github – Published: 2022-05-13 01:37 – Updated: 2022-05-13 01:37
VLAI
Details

A Use-after-Free issue was discovered in Delta Electronics Delta Industrial Automation Screen Editor, Version 2.00.23.00 or prior. Specially crafted .dpb files could exploit a use-after-free vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-16749"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-03-15T23:29:00Z",
    "severity": "HIGH"
  },
  "details": "A Use-after-Free issue was discovered in Delta Electronics Delta Industrial Automation Screen Editor, Version 2.00.23.00 or prior. Specially crafted .dpb files could exploit a use-after-free vulnerability.",
  "id": "GHSA-3jp6-x76c-r4fv",
  "modified": "2022-05-13T01:37:20Z",
  "published": "2022-05-13T01:37:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16749"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-004-01"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/102426"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3JPP-F2WM-PCVV

Vulnerability from github – Published: 2026-02-14 18:30 – Updated: 2026-06-30 03:35
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: iwlwifi: mld: cancel mlo_scan_start_wk

mlo_scan_start_wk is not canceled on disconnection. In fact, it is not canceled anywhere except in the restart cleanup, where we don't really have to.

This can cause an init-after-queue issue: if, for example, the work was queued and then drv_change_interface got executed.

This can also cause use-after-free: if the work is executed after the vif is freed.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-23185"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416",
      "CWE-772"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-14T17:15:56Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mld: cancel mlo_scan_start_wk\n\nmlo_scan_start_wk is not canceled on disconnection. In fact, it is not\ncanceled anywhere except in the restart cleanup, where we don\u0027t really\nhave to.\n\nThis can cause an init-after-queue issue: if, for example, the work was\nqueued and then drv_change_interface got executed.\n\nThis can also cause use-after-free: if the work is executed after the\nvif is freed.",
  "id": "GHSA-3jpp-f2wm-pcvv",
  "modified": "2026-06-30T03:35:36Z",
  "published": "2026-02-14T18:30:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23185"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2026-23185"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439925"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5ff641011ab7fb63ea101251087745d9826e8ef5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9b9f52f052f4953fecd2190ae2dde3aa76d10962"
    },
    {
      "type": "WEB",
      "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-23185.json"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3JR5-GWFP-7MFW

Vulnerability from github – Published: 2026-02-24 15:30 – Updated: 2026-06-30 03:35
VLAI
Details

JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-2764"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-24T14:16:24Z",
    "severity": "CRITICAL"
  },
  "details": "JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox \u003c 148, Firefox ESR \u003c 115.33, and Firefox ESR \u003c 140.8.",
  "id": "GHSA-3jr5-gwfp-7mfw",
  "modified": "2026-06-30T03:35:42Z",
  "published": "2026-02-24T15:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2764"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:3338"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:3982"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:3983"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:3984"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:4022"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:4152"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:4260"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:4432"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2026-2764"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2012608"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442329"
    },
    {
      "type": "WEB",
      "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2764.json"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-13"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-14"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-15"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-16"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-17"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:3339"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:3361"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:3491"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:3492"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:3493"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:3494"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:3495"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:3496"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:3497"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:3515"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:3516"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:3517"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:3976"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:3978"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:3979"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:3980"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:3981"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3JRP-G9M7-98H4

Vulnerability from github – Published: 2022-05-13 01:23 – Updated: 2022-05-13 01:23
VLAI
Details

Use-after-free vulnerability in the nsEditor::FindNextLeafNode function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2012-4213"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-11-21T12:55:00Z",
    "severity": "HIGH"
  },
  "details": "Use-after-free vulnerability in the nsEditor::FindNextLeafNode function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
  "id": "GHSA-3jrp-g9m7-98h4",
  "modified": "2022-05-13T01:23:46Z",
  "published": "2022-05-13T01:23:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4213"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=795708"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16761"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/51369"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/51370"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/51381"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/51434"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/51439"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/51440"
    },
    {
      "type": "WEB",
      "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-105.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/56638"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1636-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1638-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1638-2"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1638-3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Mitigation
Architecture and Design

Strategy: Language Selection

Choose a language that provides automatic memory management.

Mitigation
Implementation

Strategy: Attack Surface Reduction

When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.

No CAPEC attack patterns related to this CWE.