Common Weakness Enumeration

CWE-416

Allowed

Use After Free

Abstraction: Variant · Status: Stable

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

9811 vulnerabilities reference this CWE, most recent first.

GHSA-83VM-WG7J-77HW

Vulnerability from github – Published: 2024-07-29 15:30 – Updated: 2025-11-04 00:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

filelock: fix potential use-after-free in posix_lock_inode

Light Hsieh reported a KASAN UAF warning in trace_posix_lock_inode(). The request pointer had been changed earlier to point to a lock entry that was added to the inode's list. However, before the tracepoint could fire, another task raced in and freed that lock.

Fix this by moving the tracepoint inside the spinlock, which should ensure that this doesn't happen.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-41049"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-29T15:15:13Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nfilelock: fix potential use-after-free in posix_lock_inode\n\nLight Hsieh reported a KASAN UAF warning in trace_posix_lock_inode().\nThe request pointer had been changed earlier to point to a lock entry\nthat was added to the inode\u0027s list. However, before the tracepoint could\nfire, another task raced in and freed that lock.\n\nFix this by moving the tracepoint inside the spinlock, which should\nensure that this doesn\u0027t happen.",
  "id": "GHSA-83vm-wg7j-77hw",
  "modified": "2025-11-04T00:31:00Z",
  "published": "2024-07-29T15:30:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41049"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/02a8964260756c70b20393ad4006948510ac9967"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/116599f6a26906cf33f67975c59f0692ecf7e9b2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1b3ec4f7c03d4b07bad70697d7e2f4088d2cfe92"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1cbbb3d9475c403ebedc327490c7c2b991398197"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/432b06b69d1d354a171f7499141116536579eb6a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5cb36e35bc10ea334810937990c2b9023dacb1b0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7d4c14f4b511fd4c0dc788084ae59b4656ace58b"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-83WX-V283-85G9

Vulnerability from github – Published: 2024-01-04 03:30 – Updated: 2025-06-18 18:30
VLAI
Details

Use after free in WebAudio in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-0224"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-04T02:15:29Z",
    "severity": "HIGH"
  },
  "details": "Use after free in WebAudio in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
  "id": "GHSA-83wx-v283-85g9",
  "modified": "2025-06-18T18:30:22Z",
  "published": "2024-01-04T03:30:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0224"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop.html"
    },
    {
      "type": "WEB",
      "url": "https://crbug.com/1505086"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYONA2XSNFMXLAW4IHLFI5UVV3QRNG5K"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D6C2HN4T2S6GYNTAUXLH45LQZHK7QPHP"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202401-34"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-83XX-MVRJ-G933

Vulnerability from github – Published: 2022-06-22 00:00 – Updated: 2022-06-30 00:00
VLAI
Details

Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_vmcode_interpreter at src/njs_vmcode.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-32414"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-06-21T13:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_vmcode_interpreter at src/njs_vmcode.c.",
  "id": "GHSA-83xx-mvrj-g933",
  "modified": "2022-06-30T00:00:42Z",
  "published": "2022-06-22T00:00:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32414"
    },
    {
      "type": "WEB",
      "url": "https://github.com/nginx/njs/issues/483"
    },
    {
      "type": "WEB",
      "url": "https://github.com/nginx/njs/commit/31ed93a5623f24ca94e6d47e895ba735d9d97d46"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-842W-QV52-HPW3

Vulnerability from github – Published: 2022-05-24 17:48 – Updated: 2023-05-27 06:30
VLAI
Details

An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is a use-after-free in the function gf_isom_box_del() in isomedia/box_funcs.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-35980"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-04-21T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is a use-after-free in the function gf_isom_box_del() in isomedia/box_funcs.c.",
  "id": "GHSA-842w-qv52-hpw3",
  "modified": "2023-05-27T06:30:36Z",
  "published": "2022-05-24T17:48:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35980"
    },
    {
      "type": "WEB",
      "url": "https://github.com/gpac/gpac/issues/1661"
    },
    {
      "type": "WEB",
      "url": "https://github.com/gpac/gpac/commit/5aba27604d957e960d8069d85ccaf868f8a7b07a"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2023/dsa-5411"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-843W-9CHM-9MVW

Vulnerability from github – Published: 2022-05-14 01:30 – Updated: 2022-05-14 01:30
VLAI
Details

Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-5882"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-01-09T23:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer.",
  "id": "GHSA-843w-9chm-9mvw",
  "modified": "2022-05-14T01:30:57Z",
  "published": "2022-05-14T01:30:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5882"
    },
    {
      "type": "WEB",
      "url": "https://github.com/irssi/irssi/pull/948"
    },
    {
      "type": "WEB",
      "url": "https://irssi.org/NEWS/#v1-1-2"
    },
    {
      "type": "WEB",
      "url": "https://irssi.org/security/irssi_sa_2019_01.txt"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3862-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8467-F3PR-377C

Vulnerability from github – Published: 2022-05-24 19:09 – Updated: 2022-05-24 19:09
VLAI
Details

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14023.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-34833"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-04T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14023.",
  "id": "GHSA-8467-f3pr-377c",
  "modified": "2022-05-24T19:09:58Z",
  "published": "2022-05-24T19:09:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34833"
    },
    {
      "type": "WEB",
      "url": "https://www.foxit.com/support/security-bulletins.html"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-915"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-8492-V5JH-M4R5

Vulnerability from github – Published: 2024-09-02 06:30 – Updated: 2024-09-02 06:30
VLAI
Details

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-41157"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-02T05:15:16Z",
    "severity": "HIGH"
  },
  "details": "in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free.",
  "id": "GHSA-8492-v5jh-m4r5",
  "modified": "2024-09-02T06:30:49Z",
  "published": "2024-09-02T06:30:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41157"
    },
    {
      "type": "WEB",
      "url": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-09.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-849G-HFFP-Q3MH

Vulnerability from github – Published: 2022-05-14 03:04 – Updated: 2022-05-14 03:04
VLAI
Details

In the FastRPC driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a Use After Free condition can occur when mapping on the remote processor fails.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-3564"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-07-06T17:29:00Z",
    "severity": "HIGH"
  },
  "details": "In the FastRPC driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a Use After Free condition can occur when mapping on the remote processor fails.",
  "id": "GHSA-849g-hffp-q3mh",
  "modified": "2022-05-14T03:04:21Z",
  "published": "2022-05-14T03:04:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-3564"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/pixel/2018-06-01#qualcomm-components"
    },
    {
      "type": "WEB",
      "url": "https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=782cd411398e3cf2aca1615ab2649df0c46920ee"
    },
    {
      "type": "WEB",
      "url": "https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-849R-JPQC-FM29

Vulnerability from github – Published: 2024-08-16 21:32 – Updated: 2024-08-16 21:32
VLAI
Details

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-43472"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-16T20:15:13Z",
    "severity": "MODERATE"
  },
  "details": "Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability",
  "id": "GHSA-849r-jpqc-fm29",
  "modified": "2024-08-16T21:32:36Z",
  "published": "2024-08-16T21:32:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43472"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43472"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-84C6-X9X8-7Q38

Vulnerability from github – Published: 2023-09-27 15:30 – Updated: 2025-05-02 18:31
VLAI
Details

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. Processing web content may lead to arbitrary code execution.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-39434"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-09-27T15:18:56Z",
    "severity": "HIGH"
  },
  "details": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. Processing web content may lead to arbitrary code execution.",
  "id": "GHSA-84c6-x9x8-7q38",
  "modified": "2025-05-02T18:31:25Z",
  "published": "2023-09-27T15:30:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39434"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202401-33"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213937"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213938"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213940"
    },
    {
      "type": "WEB",
      "url": "https://webkitgtk.org/security/WSA-2023-0009.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2023/Oct/3"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2023/Oct/8"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2023/Oct/9"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2023/09/28/3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design

Strategy: Language Selection

Choose a language that provides automatic memory management.

Mitigation
Implementation

Strategy: Attack Surface Reduction

When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.

No CAPEC attack patterns related to this CWE.