CWE-416
AllowedUse After Free
Abstraction: Variant · Status: Stable
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
9811 vulnerabilities reference this CWE, most recent first.
GHSA-7GHG-HPV2-5CHP
Vulnerability from github – Published: 2022-05-24 17:47 – Updated: 2022-05-24 17:47Use after free in Aura in Google Chrome on Linux prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
{
"affected": [],
"aliases": [
"CVE-2021-21199"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-04-09T22:15:00Z",
"severity": "HIGH"
},
"details": "Use after free in Aura in Google Chrome on Linux prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.",
"id": "GHSA-7ghg-hpv2-5chp",
"modified": "2022-05-24T17:47:04Z",
"published": "2022-05-24T17:47:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21199"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_30.html"
},
{
"type": "WEB",
"url": "https://crbug.com/1179635"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EAJ42L4JFPBJATCZ7MOZQTUDGV4OEHHG"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3GZ42MYPGD35V652ZPVPYYS7A7LVXVY"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VUZBGKGVZADNA3I24NVG7HAYYUTOSN5A"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202104-08"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-7GJF-R94H-P24F
Vulnerability from github – Published: 2026-06-29 21:32 – Updated: 2026-06-30 00:31A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.
{
"affected": [],
"aliases": [
"CVE-2026-43727"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-29T20:17:37Z",
"severity": "MODERATE"
},
"details": "A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.",
"id": "GHSA-7gjf-r94h-p24f",
"modified": "2026-06-30T00:31:29Z",
"published": "2026-06-29T21:32:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43727"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/127594"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/127595"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/127685"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7GJR-4Q4C-F8JX
Vulnerability from github – Published: 2022-05-24 17:48 – Updated: 2022-05-24 17:48Use after free in WebMIDI in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
{
"affected": [],
"aliases": [
"CVE-2021-21213"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-04-26T17:15:00Z",
"severity": "HIGH"
},
"details": "Use after free in WebMIDI in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"id": "GHSA-7gjr-4q4c-f8jx",
"modified": "2022-05-24T17:48:52Z",
"published": "2022-05-24T17:48:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21213"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html"
},
{
"type": "WEB",
"url": "https://crbug.com/1161806"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EAJ42L4JFPBJATCZ7MOZQTUDGV4OEHHG"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3GZ42MYPGD35V652ZPVPYYS7A7LVXVY"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VUZBGKGVZADNA3I24NVG7HAYYUTOSN5A"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202104-08"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2021/dsa-4906"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-7GM6-68GC-836H
Vulnerability from github – Published: 2026-07-14 18:32 – Updated: 2026-07-14 18:32Use after free in Windows VMSwitch allows an authorized attacker to elevate privileges over a network.
{
"affected": [],
"aliases": [
"CVE-2026-57092"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-14T18:18:33Z",
"severity": "CRITICAL"
},
"details": "Use after free in Windows VMSwitch allows an authorized attacker to elevate privileges over a network.",
"id": "GHSA-7gm6-68gc-836h",
"modified": "2026-07-14T18:32:39Z",
"published": "2026-07-14T18:32:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-57092"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57092"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7GQ4-2PH9-C8G7
Vulnerability from github – Published: 2024-03-20 18:30 – Updated: 2024-04-01 15:30Use after free in Canvas in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
{
"affected": [],
"aliases": [
"CVE-2024-2627"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-20T17:15:07Z",
"severity": "HIGH"
},
"details": "Use after free in Canvas in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)",
"id": "GHSA-7gq4-2ph9-c8g7",
"modified": "2024-04-01T15:30:28Z",
"published": "2024-03-20T18:30:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2627"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html"
},
{
"type": "WEB",
"url": "https://issues.chromium.org/issues/41493290"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JINDYFB3MPH43ECTI72BV63K4RXSG22"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7GV2-7HHR-4FM9
Vulnerability from github – Published: 2025-10-01 12:30 – Updated: 2025-12-11 18:30In the Linux kernel, the following vulnerability has been resolved:
rpmsg: char: Avoid double destroy of default endpoint
The rpmsg_dev_remove() in rpmsg_core is the place for releasing this default endpoint.
So need to avoid destroying the default endpoint in rpmsg_chrdev_eptdev_destroy(), this should be the same as rpmsg_eptdev_release(). Otherwise there will be double destroy issue that ept->refcount report warning:
refcount_t: underflow; use-after-free.
Call trace: refcount_warn_saturate+0xf8/0x150 virtio_rpmsg_destroy_ept+0xd4/0xec rpmsg_dev_remove+0x60/0x70
The issue can be reproduced by stopping remoteproc before closing the /dev/rpmsgX.
{
"affected": [],
"aliases": [
"CVE-2022-50421"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-01T12:15:33Z",
"severity": "HIGH"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nrpmsg: char: Avoid double destroy of default endpoint\n\nThe rpmsg_dev_remove() in rpmsg_core is the place for releasing\nthis default endpoint.\n\nSo need to avoid destroying the default endpoint in\nrpmsg_chrdev_eptdev_destroy(), this should be the same as\nrpmsg_eptdev_release(). Otherwise there will be double destroy\nissue that ept-\u003erefcount report warning:\n\nrefcount_t: underflow; use-after-free.\n\nCall trace:\n refcount_warn_saturate+0xf8/0x150\n virtio_rpmsg_destroy_ept+0xd4/0xec\n rpmsg_dev_remove+0x60/0x70\n\nThe issue can be reproduced by stopping remoteproc before\nclosing the /dev/rpmsgX.",
"id": "GHSA-7gv2-7hhr-4fm9",
"modified": "2025-12-11T18:30:35Z",
"published": "2025-10-01T12:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50421"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3f20ef7a845c2c8d7ec82ecffa20d95cab5ecfeb"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/467233a4ac29b215d492843d067a9f091e6bf0c5"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ef828a39d6a7028836eaf37df3ad568c8c2dd6f9"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7GXQ-23XX-MVH2
Vulnerability from github – Published: 2022-05-13 01:27 – Updated: 2022-05-13 01:27In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided.
{
"affected": [],
"aliases": [
"CVE-2019-5721"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-01-08T23:29:00Z",
"severity": "MODERATE"
},
"details": "In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided.",
"id": "GHSA-7gxq-23xx-mvh2",
"modified": "2022-05-13T01:27:49Z",
"published": "2022-05-13T01:27:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5721"
},
{
"type": "WEB",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14470"
},
{
"type": "WEB",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=1c66174ec7aa19e2ddc79178cf59f15a654fc4fe"
},
{
"type": "WEB",
"url": "https://www.wireshark.org/security/wnpa-sec-2019-05.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7H23-57PG-3HWC
Vulnerability from github – Published: 2025-01-28 00:32 – Updated: 2026-04-02 21:32A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2.
{
"affected": [],
"aliases": [
"CVE-2025-24085"
],
"database_specific": {
"cwe_ids": [
"CWE-276",
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-27T22:15:14Z",
"severity": "HIGH"
},
"details": "A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2.",
"id": "GHSA-7h23-57pg-3hwc",
"modified": "2026-04-02T21:32:06Z",
"published": "2025-01-28T00:32:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24085"
},
{
"type": "WEB",
"url": "https://github.com/cisagov/vulnrichment/issues/194"
},
{
"type": "WEB",
"url": "https://github.com/JGoyd/Glass-Cage-iOS18-CVE-2025-24085-CVE-2025-24201"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122066"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122068"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122071"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122072"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122073"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122372"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122374"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122375"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24085"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Apr/10"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Apr/5"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Apr/9"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Jan/12"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Jan/13"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Jan/15"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Jan/19"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Jun/19"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Oct/1"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Oct/23"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Oct/30"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Oct/31"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7H5M-97M9-X6W8
Vulnerability from github – Published: 2024-09-18 09:30 – Updated: 2025-11-04 00:31In the Linux kernel, the following vulnerability has been resolved:
VMCI: Fix use-after-free when removing resource in vmci_resource_remove()
When removing a resource from vmci_resource_table in vmci_resource_remove(), the search is performed using the resource handle by comparing context and resource fields.
It is possible though to create two resources with different types but same handle (same context and resource fields).
When trying to remove one of the resources, vmci_resource_remove() may not remove the intended one, but the object will still be freed as in the case of the datagram type in vmci_datagram_destroy_handle(). vmci_resource_table will still hold a pointer to this freed resource leading to a use-after-free vulnerability.
BUG: KASAN: use-after-free in vmci_handle_is_equal include/linux/vmw_vmci_defs.h:142 [inline] BUG: KASAN: use-after-free in vmci_resource_remove+0x3a1/0x410 drivers/misc/vmw_vmci/vmci_resource.c:147 Read of size 4 at addr ffff88801c16d800 by task syz-executor197/1592 Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x82/0xa9 lib/dump_stack.c:106 print_address_description.constprop.0+0x21/0x366 mm/kasan/report.c:239 __kasan_report.cold+0x7f/0x132 mm/kasan/report.c:425 kasan_report+0x38/0x51 mm/kasan/report.c:442 vmci_handle_is_equal include/linux/vmw_vmci_defs.h:142 [inline] vmci_resource_remove+0x3a1/0x410 drivers/misc/vmw_vmci/vmci_resource.c:147 vmci_qp_broker_detach+0x89a/0x11b9 drivers/misc/vmw_vmci/vmci_queue_pair.c:2182 ctx_free_ctx+0x473/0xbe1 drivers/misc/vmw_vmci/vmci_context.c:444 kref_put include/linux/kref.h:65 [inline] vmci_ctx_put drivers/misc/vmw_vmci/vmci_context.c:497 [inline] vmci_ctx_destroy+0x170/0x1d6 drivers/misc/vmw_vmci/vmci_context.c:195 vmci_host_close+0x125/0x1ac drivers/misc/vmw_vmci/vmci_host.c:143 __fput+0x261/0xa34 fs/file_table.c:282 task_work_run+0xf0/0x194 kernel/task_work.c:164 tracehook_notify_resume include/linux/tracehook.h:189 [inline] exit_to_user_mode_loop+0x184/0x189 kernel/entry/common.c:187 exit_to_user_mode_prepare+0x11b/0x123 kernel/entry/common.c:220 __syscall_exit_to_user_mode_work kernel/entry/common.c:302 [inline] syscall_exit_to_user_mode+0x18/0x42 kernel/entry/common.c:313 do_syscall_64+0x41/0x85 arch/x86/entry/common.c:86 entry_SYSCALL_64_after_hwframe+0x6e/0x0
This change ensures the type is also checked when removing the resource from vmci_resource_table in vmci_resource_remove().
{
"affected": [],
"aliases": [
"CVE-2024-46738"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-18T08:15:03Z",
"severity": "HIGH"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nVMCI: Fix use-after-free when removing resource in vmci_resource_remove()\n\nWhen removing a resource from vmci_resource_table in\nvmci_resource_remove(), the search is performed using the resource\nhandle by comparing context and resource fields.\n\nIt is possible though to create two resources with different types\nbut same handle (same context and resource fields).\n\nWhen trying to remove one of the resources, vmci_resource_remove()\nmay not remove the intended one, but the object will still be freed\nas in the case of the datagram type in vmci_datagram_destroy_handle().\nvmci_resource_table will still hold a pointer to this freed resource\nleading to a use-after-free vulnerability.\n\nBUG: KASAN: use-after-free in vmci_handle_is_equal include/linux/vmw_vmci_defs.h:142 [inline]\nBUG: KASAN: use-after-free in vmci_resource_remove+0x3a1/0x410 drivers/misc/vmw_vmci/vmci_resource.c:147\nRead of size 4 at addr ffff88801c16d800 by task syz-executor197/1592\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x82/0xa9 lib/dump_stack.c:106\n print_address_description.constprop.0+0x21/0x366 mm/kasan/report.c:239\n __kasan_report.cold+0x7f/0x132 mm/kasan/report.c:425\n kasan_report+0x38/0x51 mm/kasan/report.c:442\n vmci_handle_is_equal include/linux/vmw_vmci_defs.h:142 [inline]\n vmci_resource_remove+0x3a1/0x410 drivers/misc/vmw_vmci/vmci_resource.c:147\n vmci_qp_broker_detach+0x89a/0x11b9 drivers/misc/vmw_vmci/vmci_queue_pair.c:2182\n ctx_free_ctx+0x473/0xbe1 drivers/misc/vmw_vmci/vmci_context.c:444\n kref_put include/linux/kref.h:65 [inline]\n vmci_ctx_put drivers/misc/vmw_vmci/vmci_context.c:497 [inline]\n vmci_ctx_destroy+0x170/0x1d6 drivers/misc/vmw_vmci/vmci_context.c:195\n vmci_host_close+0x125/0x1ac drivers/misc/vmw_vmci/vmci_host.c:143\n __fput+0x261/0xa34 fs/file_table.c:282\n task_work_run+0xf0/0x194 kernel/task_work.c:164\n tracehook_notify_resume include/linux/tracehook.h:189 [inline]\n exit_to_user_mode_loop+0x184/0x189 kernel/entry/common.c:187\n exit_to_user_mode_prepare+0x11b/0x123 kernel/entry/common.c:220\n __syscall_exit_to_user_mode_work kernel/entry/common.c:302 [inline]\n syscall_exit_to_user_mode+0x18/0x42 kernel/entry/common.c:313\n do_syscall_64+0x41/0x85 arch/x86/entry/common.c:86\n entry_SYSCALL_64_after_hwframe+0x6e/0x0\n\nThis change ensures the type is also checked when removing\nthe resource from vmci_resource_table in vmci_resource_remove().",
"id": "GHSA-7h5m-97m9-x6w8",
"modified": "2025-11-04T00:31:29Z",
"published": "2024-09-18T09:30:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46738"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/00fe5292f081f8d773e572df8e03bf6e1855fe49"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/39e7e593418ccdbd151f2925fa6be1a616d16c96"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/48b9a8dabcc3cf5f961b2ebcd8933bf9204babb7"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6c563a29857aa8053b67ee141191f69757f27f6e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b243d52b5f6f59f9d39e69b191fb3d58b94a43b1"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b9efdf333174468651be40390cbc79c9f55d9cce"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ef5f4d0c5ee22d4f873116fec844ff6edaf3fa7d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f6365931bf7c07b2b397dbb06a4f6573cc9fae73"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7H5W-R4X3-245G
Vulnerability from github – Published: 2024-11-04 12:32 – Updated: 2024-11-04 12:32Transient DOS while parsing fragments of MBSSID IE from beacon frame.
{
"affected": [],
"aliases": [
"CVE-2024-33068"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-04T10:15:06Z",
"severity": "HIGH"
},
"details": "Transient DOS while parsing fragments of MBSSID IE from beacon frame.",
"id": "GHSA-7h5w-r4x3-245g",
"modified": "2024-11-04T12:32:56Z",
"published": "2024-11-04T12:32:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33068"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
Strategy: Language Selection
Choose a language that provides automatic memory management.
Mitigation
Strategy: Attack Surface Reduction
When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.
No CAPEC attack patterns related to this CWE.