CWE-416
AllowedUse After Free
Abstraction: Variant · Status: Stable
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
9820 vulnerabilities reference this CWE, most recent first.
GHSA-8GM5-39W5-QGQW
Vulnerability from github – Published: 2022-05-24 16:53 – Updated: 2023-08-11 21:30An issue was discovered in fs/gfs2/rgrp.c in the Linux kernel before 4.8. A use-after-free is caused by the functions gfs2_clear_rgrpd and read_rindex_entry.
{
"affected": [],
"aliases": [
"CVE-2016-10905"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-08-19T02:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in fs/gfs2/rgrp.c in the Linux kernel before 4.8. A use-after-free is caused by the functions gfs2_clear_rgrpd and read_rindex_entry.",
"id": "GHSA-8gm5-39w5-qgqw",
"modified": "2023-08-11T21:30:37Z",
"published": "2022-05-24T16:53:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10905"
},
{
"type": "WEB",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=36e4ad0316c017d5b271378ed9a1c9a4b77fab5f"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"type": "WEB",
"url": "https://seclists.org/bugtraq/2019/Nov/11"
},
{
"type": "WEB",
"url": "https://support.f5.com/csp/article/K31332013"
},
{
"type": "WEB",
"url": "https://support.f5.com/csp/article/K31332013?utm_source=f5support\u0026amp;utm_medium=RSS"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4145-1"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8GP3-QC4X-VW92
Vulnerability from github – Published: 2022-05-14 01:57 – Updated: 2022-05-14 01:57An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
{
"affected": [],
"aliases": [
"CVE-2018-16294"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-10-08T16:29:00Z",
"severity": "HIGH"
},
"details": "An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.",
"id": "GHSA-8gp3-qc4x-vw92",
"modified": "2022-05-14T01:57:31Z",
"published": "2022-05-14T01:57:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16294"
},
{
"type": "WEB",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1041769"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8GQ3-Q7C3-RJHV
Vulnerability from github – Published: 2022-05-24 19:20 – Updated: 2025-11-03 21:30A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function
{
"affected": [],
"aliases": [
"CVE-2021-42378"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-11-15T21:15:00Z",
"severity": "HIGH"
},
"details": "A use-after-free in Busybox\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function",
"id": "GHSA-8gq3-q7c3-rjhv",
"modified": "2025-11-03T21:30:35Z",
"published": "2022-05-24T19:20:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42378"
},
{
"type": "WEB",
"url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog"
},
{
"type": "WEB",
"url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00012.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20211223-0002"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8GQ6-M624-5HX9
Vulnerability from github – Published: 2022-03-19 00:00 – Updated: 2022-03-26 00:00A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may lead to arbitrary code execution.
{
"affected": [],
"aliases": [
"CVE-2022-22590"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-18T18:15:00Z",
"severity": "HIGH"
},
"details": "A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may lead to arbitrary code execution.",
"id": "GHSA-8gq6-m624-5hx9",
"modified": "2022-03-26T00:00:48Z",
"published": "2022-03-19T00:00:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22590"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202208-39"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213053"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213054"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213057"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213058"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213059"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8GVR-7H6W-Q2CV
Vulnerability from github – Published: 2022-05-24 17:19 – Updated: 2022-10-07 18:16FFmpeg 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a pointer, and later that pointer is accessed in av_probe_input_format3 in libavformat/format.c.
{
"affected": [],
"aliases": [
"CVE-2020-13904"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-06-07T19:15:00Z",
"severity": "MODERATE"
},
"details": "FFmpeg 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a pointer, and later that pointer is accessed in av_probe_input_format3 in libavformat/format.c.",
"id": "GHSA-8gvr-7h6w-q2cv",
"modified": "2022-10-07T18:16:21Z",
"published": "2022-05-24T17:19:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13904"
},
{
"type": "WEB",
"url": "https://github.com/FFmpeg/FFmpeg/commit/6959358683c7533f586c07a766acc5fe9544d8b2"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00022.html"
},
{
"type": "WEB",
"url": "https://patchwork.ffmpeg.org/project/ffmpeg/patch/20200529033905.41926-1-lq@chinaffmpeg.org"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202007-58"
},
{
"type": "WEB",
"url": "https://trac.ffmpeg.org/ticket/8673"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4431-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2020/dsa-4722"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8GXF-MFG7-C3XR
Vulnerability from github – Published: 2022-07-26 00:01 – Updated: 2022-07-28 00:00Use after free in BFCache in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
{
"affected": [],
"aliases": [
"CVE-2022-1308"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-25T14:15:00Z",
"severity": "HIGH"
},
"details": "Use after free in BFCache in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"id": "GHSA-8gxf-mfg7-c3xr",
"modified": "2022-07-28T00:00:48Z",
"published": "2022-07-26T00:01:08Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1308"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_11.html"
},
{
"type": "WEB",
"url": "https://crbug.com/1283050"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202208-25"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8H2P-FFRC-W7HM
Vulnerability from github – Published: 2025-05-13 18:30 – Updated: 2025-10-22 00:33Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
{
"affected": [],
"aliases": [
"CVE-2025-32701"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-13T17:16:02Z",
"severity": "HIGH"
},
"details": "Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.",
"id": "GHSA-8h2p-ffrc-w7hm",
"modified": "2025-10-22T00:33:18Z",
"published": "2025-05-13T18:30:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32701"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32701"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-32701"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8H33-8FFG-2JC8
Vulnerability from github – Published: 2022-05-24 16:50 – Updated: 2024-04-04 01:20A use-after-free vulnerability can occur when listeners are removed from the event listener manager while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
{
"affected": [],
"aliases": [
"CVE-2019-11692"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-07-23T14:15:00Z",
"severity": "CRITICAL"
},
"details": "A use-after-free vulnerability can occur when listeners are removed from the event listener manager while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60.7, Firefox \u003c 67, and Firefox ESR \u003c 60.7.",
"id": "GHSA-8h33-8ffg-2jc8",
"modified": "2024-04-04T01:20:43Z",
"published": "2022-05-24T16:50:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11692"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1544670"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-13"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-14"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-15"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8H37-V9PC-M6V6
Vulnerability from github – Published: 2022-05-24 17:48 – Updated: 2022-05-24 17:48Through routine static code analysis of the Juniper Networks Junos OS software codebase, the Secure Development Life Cycle team identified a Use After Free vulnerability in PFE packet processing on the QFX10002-60C switching platform. Exploitation of this vulnerability may allow a logically adjacent attacker to trigger a Denial of Service (DoS). Continued exploitation of this vulnerability will sustain the Denial of Service (DoS) condition. This issue only affects QFX10002-60C devices. No other product or platform is vulnerable to this issue. This issue affects Juniper Networks Junos OS on QFX10002-60C: 19.1 version 19.1R3-S1 and later versions; 19.1 versions prior to 19.1R3-S3; 19.2 version 19.2R2 and later versions; 19.2 versions prior to 19.2R3-S1; 20.2 versions prior to 20.2R1-S2. This issue does not affect Juniper Networks Junos OS: versions prior to 19.1R3; 19.2 versions prior to 19.2R2; any version of 19.3; version 20.2R2 and later releases.
{
"affected": [],
"aliases": [
"CVE-2021-0262"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-04-22T20:15:00Z",
"severity": "MODERATE"
},
"details": "Through routine static code analysis of the Juniper Networks Junos OS software codebase, the Secure Development Life Cycle team identified a Use After Free vulnerability in PFE packet processing on the QFX10002-60C switching platform. Exploitation of this vulnerability may allow a logically adjacent attacker to trigger a Denial of Service (DoS). Continued exploitation of this vulnerability will sustain the Denial of Service (DoS) condition. This issue only affects QFX10002-60C devices. No other product or platform is vulnerable to this issue. This issue affects Juniper Networks Junos OS on QFX10002-60C: 19.1 version 19.1R3-S1 and later versions; 19.1 versions prior to 19.1R3-S3; 19.2 version 19.2R2 and later versions; 19.2 versions prior to 19.2R3-S1; 20.2 versions prior to 20.2R1-S2. This issue does not affect Juniper Networks Junos OS: versions prior to 19.1R3; 19.2 versions prior to 19.2R2; any version of 19.3; version 20.2R2 and later releases.",
"id": "GHSA-8h37-v9pc-m6v6",
"modified": "2022-05-24T17:48:14Z",
"published": "2022-05-24T17:48:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0262"
},
{
"type": "WEB",
"url": "https://kb.juniper.net/JSA11153"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-8H3G-5W8F-55GV
Vulnerability from github – Published: 2022-05-13 01:15 – Updated: 2024-10-21 18:30Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreePos Use After Free Vulnerability."
{
"affected": [],
"aliases": [
"CVE-2012-1539"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2012-11-14T00:55:00Z",
"severity": "HIGH"
},
"details": "Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka \"CTreePos Use After Free Vulnerability.\"",
"id": "GHSA-8h3g-5w8f-55gv",
"modified": "2024-10-21T18:30:43Z",
"published": "2022-05-13T01:15:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1539"
},
{
"type": "WEB",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-071"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15886"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/51202"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/56421"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id?1027749"
},
{
"type": "WEB",
"url": "http://www.us-cert.gov/cas/techalerts/TA12-318A.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
Strategy: Language Selection
Choose a language that provides automatic memory management.
Mitigation
Strategy: Attack Surface Reduction
When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.
No CAPEC attack patterns related to this CWE.