CWE-416
AllowedUse After Free
Abstraction: Variant · Status: Stable
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
9821 vulnerabilities reference this CWE, most recent first.
GHSA-8V45-83MV-7J9C
Vulnerability from github – Published: 2021-11-19 00:00 – Updated: 2024-02-27 18:46In ccu, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05827158; Issue ID: ALPS05827158.
{
"affected": [],
"aliases": [
"CVE-2021-0664"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-11-18T15:15:00Z",
"severity": "MODERATE"
},
"details": "In ccu, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05827158; Issue ID: ALPS05827158.",
"id": "GHSA-8v45-83mv-7j9c",
"modified": "2024-02-27T18:46:12Z",
"published": "2021-11-19T00:00:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0664"
},
{
"type": "WEB",
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8V47-XFH7-92FH
Vulnerability from github – Published: 2022-02-27 00:00 – Updated: 2025-05-05 18:31valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
{
"affected": [],
"aliases": [
"CVE-2022-23308"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-02-26T05:15:00Z",
"severity": "HIGH"
},
"details": "valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.",
"id": "GHSA-8v47-xfh7-92fh",
"modified": "2025-05-05T18:31:38Z",
"published": "2022-02-27T00:00:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23308"
},
{
"type": "WEB",
"url": "https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e"
},
{
"type": "WEB",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202210-03"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20220331-0008"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213253"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213254"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213255"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213256"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213257"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213258"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/May/33"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/May/34"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/May/35"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/May/36"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/May/37"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/May/38"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8V49-2R9R-V9PR
Vulnerability from github – Published: 2023-10-30 18:30 – Updated: 2023-11-04 03:30In Bluetooth, there is a possibility of code-execution due to a use after free. This could lead to paired device escalation of privilege in the privileged Bluetooth process with no additional execution privileges needed. User interaction is not needed for exploitation.
{
"affected": [],
"aliases": [
"CVE-2023-21361"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-30T17:15:51Z",
"severity": "HIGH"
},
"details": "In Bluetooth, there is a possibility of code-execution due to a use after free. This could lead to paired device escalation of privilege in the privileged Bluetooth process with no additional execution privileges needed. User interaction is not needed for exploitation.",
"id": "GHSA-8v49-2r9r-v9pr",
"modified": "2023-11-04T03:30:19Z",
"published": "2023-10-30T18:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21361"
},
{
"type": "WEB",
"url": "https://source.android.com/docs/security/bulletin/android-14"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8V4M-GQX8-68XH
Vulnerability from github – Published: 2022-05-17 00:53 – Updated: 2022-05-17 00:53readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations.
{
"affected": [],
"aliases": [
"CVE-2017-6966"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-03-17T09:59:00Z",
"severity": "MODERATE"
},
"details": "readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations.",
"id": "GHSA-8v4m-gqx8-68xh",
"modified": "2022-05-17T00:53:09Z",
"published": "2022-05-17T00:53:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-6966"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201709-02"
},
{
"type": "WEB",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21139"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8V63-Q3XV-FGPW
Vulnerability from github – Published: 2025-08-27 00:31 – Updated: 2025-08-27 15:33In multiple locations, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation.
{
"affected": [],
"aliases": [
"CVE-2025-0084"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-26T23:15:33Z",
"severity": "HIGH"
},
"details": "In multiple locations, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation.",
"id": "GHSA-8v63-q3xv-fgpw",
"modified": "2025-08-27T15:33:14Z",
"published": "2025-08-27T00:31:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0084"
},
{
"type": "WEB",
"url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/94c565214e3496fbaade9efed8be41d6425ba21e"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2025-03-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8V67-HW4Q-4844
Vulnerability from github – Published: 2023-05-09 18:30 – Updated: 2025-10-22 00:32Win32k Elevation of Privilege Vulnerability
{
"affected": [],
"aliases": [
"CVE-2023-29336"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-09T18:15:13Z",
"severity": "HIGH"
},
"details": "Win32k Elevation of Privilege Vulnerability",
"id": "GHSA-8v67-hw4q-4844",
"modified": "2025-10-22T00:32:44Z",
"published": "2023-05-09T18:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29336"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29336"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-29336"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/52301"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8V73-Q7G9-Q8GQ
Vulnerability from github – Published: 2022-05-24 17:04 – Updated: 2022-05-24 17:04Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
{
"affected": [],
"aliases": [
"CVE-2019-8610"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-12-18T18:15:00Z",
"severity": "MODERATE"
},
"details": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.",
"id": "GHSA-8v73-q7g9-q8gq",
"modified": "2022-05-24T17:04:20Z",
"published": "2022-05-24T17:04:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8610"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT210118"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT210119"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT210120"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT210123"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT210124"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT210125"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT210212"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-8V7F-42W3-8HVW
Vulnerability from github – Published: 2022-05-14 02:11 – Updated: 2023-01-24 03:30Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a URL.
{
"affected": [],
"aliases": [
"CVE-2013-0898"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2013-02-23T21:55:00Z",
"severity": "HIGH"
},
"details": "Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a URL.",
"id": "GHSA-8v7f-42w3-8hvw",
"modified": "2023-01-24T03:30:19Z",
"published": "2022-05-14T02:11:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0898"
},
{
"type": "WEB",
"url": "https://code.google.com/p/chromium/issues/detail?id=164643"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16569"
},
{
"type": "WEB",
"url": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-8V9H-CMM6-Q9VJ
Vulnerability from github – Published: 2022-05-24 17:30 – Updated: 2022-05-24 17:30NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which allocated memory can be freed twice, which may lead to information disclosure or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.
{
"affected": [],
"aliases": [
"CVE-2020-5988"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-10-02T21:15:00Z",
"severity": "HIGH"
},
"details": "NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which allocated memory can be freed twice, which may lead to information disclosure or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.",
"id": "GHSA-8v9h-cmm6-q9vj",
"modified": "2022-05-24T17:30:04Z",
"published": "2022-05-24T17:30:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-5988"
},
{
"type": "WEB",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5075"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-8V9X-3CF3-42HP
Vulnerability from github – Published: 2022-05-14 02:21 – Updated: 2022-05-14 02:21Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution.
{
"affected": [],
"aliases": [
"CVE-2016-7880"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2016-12-15T06:59:00Z",
"severity": "CRITICAL"
},
"details": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution.",
"id": "GHSA-8v9x-3cf3-42hp",
"modified": "2022-05-14T02:21:34Z",
"published": "2022-05-14T02:21:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7880"
},
{
"type": "WEB",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201701-17"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/94873"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1037442"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
Strategy: Language Selection
Choose a language that provides automatic memory management.
Mitigation
Strategy: Attack Surface Reduction
When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.
No CAPEC attack patterns related to this CWE.