CWE-416
AllowedUse After Free
Abstraction: Variant · Status: Stable
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
9811 vulnerabilities reference this CWE, most recent first.
GHSA-83VM-WG7J-77HW
Vulnerability from github – Published: 2024-07-29 15:30 – Updated: 2025-11-04 00:31In the Linux kernel, the following vulnerability has been resolved:
filelock: fix potential use-after-free in posix_lock_inode
Light Hsieh reported a KASAN UAF warning in trace_posix_lock_inode(). The request pointer had been changed earlier to point to a lock entry that was added to the inode's list. However, before the tracepoint could fire, another task raced in and freed that lock.
Fix this by moving the tracepoint inside the spinlock, which should ensure that this doesn't happen.
{
"affected": [],
"aliases": [
"CVE-2024-41049"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-29T15:15:13Z",
"severity": "HIGH"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nfilelock: fix potential use-after-free in posix_lock_inode\n\nLight Hsieh reported a KASAN UAF warning in trace_posix_lock_inode().\nThe request pointer had been changed earlier to point to a lock entry\nthat was added to the inode\u0027s list. However, before the tracepoint could\nfire, another task raced in and freed that lock.\n\nFix this by moving the tracepoint inside the spinlock, which should\nensure that this doesn\u0027t happen.",
"id": "GHSA-83vm-wg7j-77hw",
"modified": "2025-11-04T00:31:00Z",
"published": "2024-07-29T15:30:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41049"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/02a8964260756c70b20393ad4006948510ac9967"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/116599f6a26906cf33f67975c59f0692ecf7e9b2"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1b3ec4f7c03d4b07bad70697d7e2f4088d2cfe92"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1cbbb3d9475c403ebedc327490c7c2b991398197"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/432b06b69d1d354a171f7499141116536579eb6a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5cb36e35bc10ea334810937990c2b9023dacb1b0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7d4c14f4b511fd4c0dc788084ae59b4656ace58b"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-83WX-V283-85G9
Vulnerability from github – Published: 2024-01-04 03:30 – Updated: 2025-06-18 18:30Use after free in WebAudio in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
{
"affected": [],
"aliases": [
"CVE-2024-0224"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-01-04T02:15:29Z",
"severity": "HIGH"
},
"details": "Use after free in WebAudio in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"id": "GHSA-83wx-v283-85g9",
"modified": "2025-06-18T18:30:22Z",
"published": "2024-01-04T03:30:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0224"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop.html"
},
{
"type": "WEB",
"url": "https://crbug.com/1505086"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYONA2XSNFMXLAW4IHLFI5UVV3QRNG5K"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D6C2HN4T2S6GYNTAUXLH45LQZHK7QPHP"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202401-34"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-83XX-MVRJ-G933
Vulnerability from github – Published: 2022-06-22 00:00 – Updated: 2022-06-30 00:00Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_vmcode_interpreter at src/njs_vmcode.c.
{
"affected": [],
"aliases": [
"CVE-2022-32414"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-06-21T13:15:00Z",
"severity": "MODERATE"
},
"details": "Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_vmcode_interpreter at src/njs_vmcode.c.",
"id": "GHSA-83xx-mvrj-g933",
"modified": "2022-06-30T00:00:42Z",
"published": "2022-06-22T00:00:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32414"
},
{
"type": "WEB",
"url": "https://github.com/nginx/njs/issues/483"
},
{
"type": "WEB",
"url": "https://github.com/nginx/njs/commit/31ed93a5623f24ca94e6d47e895ba735d9d97d46"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-842W-QV52-HPW3
Vulnerability from github – Published: 2022-05-24 17:48 – Updated: 2023-05-27 06:30An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is a use-after-free in the function gf_isom_box_del() in isomedia/box_funcs.c.
{
"affected": [],
"aliases": [
"CVE-2020-35980"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-04-21T16:15:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is a use-after-free in the function gf_isom_box_del() in isomedia/box_funcs.c.",
"id": "GHSA-842w-qv52-hpw3",
"modified": "2023-05-27T06:30:36Z",
"published": "2022-05-24T17:48:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35980"
},
{
"type": "WEB",
"url": "https://github.com/gpac/gpac/issues/1661"
},
{
"type": "WEB",
"url": "https://github.com/gpac/gpac/commit/5aba27604d957e960d8069d85ccaf868f8a7b07a"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2023/dsa-5411"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-843W-9CHM-9MVW
Vulnerability from github – Published: 2022-05-14 01:30 – Updated: 2022-05-14 01:30Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer.
{
"affected": [],
"aliases": [
"CVE-2019-5882"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-01-09T23:29:00Z",
"severity": "CRITICAL"
},
"details": "Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer.",
"id": "GHSA-843w-9chm-9mvw",
"modified": "2022-05-14T01:30:57Z",
"published": "2022-05-14T01:30:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5882"
},
{
"type": "WEB",
"url": "https://github.com/irssi/irssi/pull/948"
},
{
"type": "WEB",
"url": "https://irssi.org/NEWS/#v1-1-2"
},
{
"type": "WEB",
"url": "https://irssi.org/security/irssi_sa_2019_01.txt"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3862-1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8467-F3PR-377C
Vulnerability from github – Published: 2022-05-24 19:09 – Updated: 2022-05-24 19:09This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14023.
{
"affected": [],
"aliases": [
"CVE-2021-34833"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-04T16:15:00Z",
"severity": "HIGH"
},
"details": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14023.",
"id": "GHSA-8467-f3pr-377c",
"modified": "2022-05-24T19:09:58Z",
"published": "2022-05-24T19:09:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34833"
},
{
"type": "WEB",
"url": "https://www.foxit.com/support/security-bulletins.html"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-915"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-8492-V5JH-M4R5
Vulnerability from github – Published: 2024-09-02 06:30 – Updated: 2024-09-02 06:30in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free.
{
"affected": [],
"aliases": [
"CVE-2024-41157"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-02T05:15:16Z",
"severity": "HIGH"
},
"details": "in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free.",
"id": "GHSA-8492-v5jh-m4r5",
"modified": "2024-09-02T06:30:49Z",
"published": "2024-09-02T06:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41157"
},
{
"type": "WEB",
"url": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-09.md"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-849G-HFFP-Q3MH
Vulnerability from github – Published: 2022-05-14 03:04 – Updated: 2022-05-14 03:04In the FastRPC driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a Use After Free condition can occur when mapping on the remote processor fails.
{
"affected": [],
"aliases": [
"CVE-2018-3564"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-07-06T17:29:00Z",
"severity": "HIGH"
},
"details": "In the FastRPC driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a Use After Free condition can occur when mapping on the remote processor fails.",
"id": "GHSA-849g-hffp-q3mh",
"modified": "2022-05-14T03:04:21Z",
"published": "2022-05-14T03:04:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-3564"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/pixel/2018-06-01#qualcomm-components"
},
{
"type": "WEB",
"url": "https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=782cd411398e3cf2aca1615ab2649df0c46920ee"
},
{
"type": "WEB",
"url": "https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-849R-JPQC-FM29
Vulnerability from github – Published: 2024-08-16 21:32 – Updated: 2024-08-16 21:32Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-43472"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-16T20:15:13Z",
"severity": "MODERATE"
},
"details": "Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability",
"id": "GHSA-849r-jpqc-fm29",
"modified": "2024-08-16T21:32:36Z",
"published": "2024-08-16T21:32:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43472"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43472"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-84C6-X9X8-7Q38
Vulnerability from github – Published: 2023-09-27 15:30 – Updated: 2025-05-02 18:31A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. Processing web content may lead to arbitrary code execution.
{
"affected": [],
"aliases": [
"CVE-2023-39434"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-27T15:18:56Z",
"severity": "HIGH"
},
"details": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. Processing web content may lead to arbitrary code execution.",
"id": "GHSA-84c6-x9x8-7q38",
"modified": "2025-05-02T18:31:25Z",
"published": "2023-09-27T15:30:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39434"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202401-33"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213937"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213938"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213940"
},
{
"type": "WEB",
"url": "https://webkitgtk.org/security/WSA-2023-0009.html"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2023/Oct/3"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2023/Oct/8"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2023/Oct/9"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
Strategy: Language Selection
Choose a language that provides automatic memory management.
Mitigation
Strategy: Attack Surface Reduction
When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.
No CAPEC attack patterns related to this CWE.