Common Weakness Enumeration

CWE-416

Allowed

Use After Free

Abstraction: Variant · Status: Stable

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

9821 vulnerabilities reference this CWE, most recent first.

GHSA-8V45-83MV-7J9C

Vulnerability from github – Published: 2021-11-19 00:00 – Updated: 2024-02-27 18:46
VLAI
Details

In ccu, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05827158; Issue ID: ALPS05827158.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-0664"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-11-18T15:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In ccu, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05827158; Issue ID: ALPS05827158.",
  "id": "GHSA-8v45-83mv-7j9c",
  "modified": "2024-02-27T18:46:12Z",
  "published": "2021-11-19T00:00:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0664"
    },
    {
      "type": "WEB",
      "url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8V47-XFH7-92FH

Vulnerability from github – Published: 2022-02-27 00:00 – Updated: 2025-05-05 18:31
VLAI
Details

valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-23308"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-02-26T05:15:00Z",
    "severity": "HIGH"
  },
  "details": "valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.",
  "id": "GHSA-8v47-xfh7-92fh",
  "modified": "2025-05-05T18:31:38Z",
  "published": "2022-02-27T00:00:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23308"
    },
    {
      "type": "WEB",
      "url": "https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202210-03"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20220331-0008"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT213253"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT213254"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT213255"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT213256"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT213257"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT213258"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2022/May/33"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2022/May/34"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2022/May/35"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2022/May/36"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2022/May/37"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2022/May/38"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8V49-2R9R-V9PR

Vulnerability from github – Published: 2023-10-30 18:30 – Updated: 2023-11-04 03:30
VLAI
Details

In Bluetooth, there is a possibility of code-execution due to a use after free. This could lead to paired device escalation of privilege in the privileged Bluetooth process with no additional execution privileges needed. User interaction is not needed for exploitation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-21361"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-30T17:15:51Z",
    "severity": "HIGH"
  },
  "details": "In Bluetooth, there is a possibility of code-execution due to a use after free. This could lead to paired device escalation of privilege in the privileged Bluetooth process with no additional execution privileges needed. User interaction is not needed for exploitation.",
  "id": "GHSA-8v49-2r9r-v9pr",
  "modified": "2023-11-04T03:30:19Z",
  "published": "2023-10-30T18:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21361"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/docs/security/bulletin/android-14"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8V4M-GQX8-68XH

Vulnerability from github – Published: 2022-05-17 00:53 – Updated: 2022-05-17 00:53
VLAI
Details

readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-6966"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-03-17T09:59:00Z",
    "severity": "MODERATE"
  },
  "details": "readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations.",
  "id": "GHSA-8v4m-gqx8-68xh",
  "modified": "2022-05-17T00:53:09Z",
  "published": "2022-05-17T00:53:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-6966"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201709-02"
    },
    {
      "type": "WEB",
      "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21139"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8V63-Q3XV-FGPW

Vulnerability from github – Published: 2025-08-27 00:31 – Updated: 2025-08-27 15:33
VLAI
Details

In multiple locations, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-0084"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-26T23:15:33Z",
    "severity": "HIGH"
  },
  "details": "In multiple locations, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation.",
  "id": "GHSA-8v63-q3xv-fgpw",
  "modified": "2025-08-27T15:33:14Z",
  "published": "2025-08-27T00:31:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0084"
    },
    {
      "type": "WEB",
      "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/94c565214e3496fbaade9efed8be41d6425ba21e"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/2025-03-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8V67-HW4Q-4844

Vulnerability from github – Published: 2023-05-09 18:30 – Updated: 2025-10-22 00:32
VLAI
Details

Win32k Elevation of Privilege Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-29336"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-05-09T18:15:13Z",
    "severity": "HIGH"
  },
  "details": "Win32k Elevation of Privilege Vulnerability",
  "id": "GHSA-8v67-hw4q-4844",
  "modified": "2025-10-22T00:32:44Z",
  "published": "2023-05-09T18:30:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29336"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29336"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-29336"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/52301"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8V73-Q7G9-Q8GQ

Vulnerability from github – Published: 2022-05-24 17:04 – Updated: 2022-05-24 17:04
VLAI
Details

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-8610"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-12-18T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.",
  "id": "GHSA-8v73-q7g9-q8gq",
  "modified": "2022-05-24T17:04:20Z",
  "published": "2022-05-24T17:04:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8610"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT210118"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT210119"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT210120"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT210123"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT210124"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT210125"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT210212"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-8V7F-42W3-8HVW

Vulnerability from github – Published: 2022-05-14 02:11 – Updated: 2023-01-24 03:30
VLAI
Details

Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a URL.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2013-0898"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-02-23T21:55:00Z",
    "severity": "HIGH"
  },
  "details": "Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a URL.",
  "id": "GHSA-8v7f-42w3-8hvw",
  "modified": "2023-01-24T03:30:19Z",
  "published": "2022-05-14T02:11:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0898"
    },
    {
      "type": "WEB",
      "url": "https://code.google.com/p/chromium/issues/detail?id=164643"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16569"
    },
    {
      "type": "WEB",
      "url": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-8V9H-CMM6-Q9VJ

Vulnerability from github – Published: 2022-05-24 17:30 – Updated: 2022-05-24 17:30
VLAI
Details

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which allocated memory can be freed twice, which may lead to information disclosure or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-5988"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-10-02T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which allocated memory can be freed twice, which may lead to information disclosure or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.",
  "id": "GHSA-8v9h-cmm6-q9vj",
  "modified": "2022-05-24T17:30:04Z",
  "published": "2022-05-24T17:30:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-5988"
    },
    {
      "type": "WEB",
      "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5075"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-8V9X-3CF3-42HP

Vulnerability from github – Published: 2022-05-14 02:21 – Updated: 2022-05-14 02:21
VLAI
Details

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2016-7880"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-12-15T06:59:00Z",
    "severity": "CRITICAL"
  },
  "details": "Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution.",
  "id": "GHSA-8v9x-3cf3-42hp",
  "modified": "2022-05-14T02:21:34Z",
  "published": "2022-05-14T02:21:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7880"
    },
    {
      "type": "WEB",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-39.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201701-17"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-2947.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/94873"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1037442"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design

Strategy: Language Selection

Choose a language that provides automatic memory management.

Mitigation
Implementation

Strategy: Attack Surface Reduction

When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.

No CAPEC attack patterns related to this CWE.