CWE-416
AllowedUse After Free
Abstraction: Variant · Status: Stable
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
9821 vulnerabilities reference this CWE, most recent first.
GHSA-92JC-4J34-WJ49
Vulnerability from github – Published: 2024-11-12 18:30 – Updated: 2024-11-12 18:30Microsoft Windows VMSwitch Elevation of Privilege Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-43625"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-12T18:15:30Z",
"severity": "HIGH"
},
"details": "Microsoft Windows VMSwitch Elevation of Privilege Vulnerability",
"id": "GHSA-92jc-4j34-wj49",
"modified": "2024-11-12T18:30:58Z",
"published": "2024-11-12T18:30:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43625"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43625"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-92JC-J25W-49C2
Vulnerability from github – Published: 2022-05-25 00:00 – Updated: 2022-06-02 00:00A use after free in info_width_internal in bk_info.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document.
{
"affected": [],
"aliases": [
"CVE-2021-42614"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-05-24T19:15:00Z",
"severity": "HIGH"
},
"details": "A use after free in info_width_internal in bk_info.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document.",
"id": "GHSA-92jc-j25w-49c2",
"modified": "2022-06-02T00:00:40Z",
"published": "2022-05-25T00:00:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42614"
},
{
"type": "WEB",
"url": "https://carteryagemann.com/halibut-case-study.html#poc-halibut-info-uaf"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CC7UZ7NRXDA7YSCSGWE2CBQM7OZS3K2R"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-92PX-PRX4-PM8C
Vulnerability from github – Published: 2022-05-17 01:18 – Updated: 2025-04-12 13:02Use-after-free vulnerability in IOSurface in Apple OS X before 10.11.6 allows local users to gain privileges via unspecified vectors.
{
"affected": [],
"aliases": [
"CVE-2016-4625"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2016-07-22T02:59:00Z",
"severity": "HIGH"
},
"details": "Use-after-free vulnerability in IOSurface in Apple OS X before 10.11.6 allows local users to gain privileges via unspecified vectors.",
"id": "GHSA-92px-prx4-pm8c",
"modified": "2025-04-12T13:02:47Z",
"published": "2022-05-17T01:18:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4625"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT206903"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/40653"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/40669"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/91824"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1036348"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-92QQ-CMW4-J32X
Vulnerability from github – Published: 2022-05-13 01:26 – Updated: 2022-05-13 01:26Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling.
{
"affected": [],
"aliases": [
"CVE-2011-2853"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2011-09-19T12:02:00Z",
"severity": "HIGH"
},
"details": "Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling.",
"id": "GHSA-92qq-cmw4-j32x",
"modified": "2022-05-13T01:26:49Z",
"published": "2022-05-13T01:26:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2853"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69880"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14395"
},
{
"type": "WEB",
"url": "http://code.google.com/p/chromium/issues/detail?id=91197"
},
{
"type": "WEB",
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"type": "WEB",
"url": "http://osvdb.org/75555"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-92R6-GVJM-2F7Q
Vulnerability from github – Published: 2022-05-24 19:15 – Updated: 2022-05-24 19:15In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05425834.
{
"affected": [],
"aliases": [
"CVE-2021-0612"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-09-27T12:15:00Z",
"severity": "HIGH"
},
"details": "In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05425834.",
"id": "GHSA-92r6-gvjm-2f7q",
"modified": "2022-05-24T19:15:53Z",
"published": "2022-05-24T19:15:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0612"
},
{
"type": "WEB",
"url": "https://corp.mediatek.com/product-security-bulletin/September-2021"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-92R8-V8Q7-FWWR
Vulnerability from github – Published: 2022-08-25 00:00 – Updated: 2022-08-29 20:06The PowerVR GPU driver allows unprivileged apps to allocated pinned memory, unpin it (which makes it available to be freed), and continue using the page in GPU calls. No privileges required and this results in kernel memory corruption.Product: AndroidVersions: Android SoCAndroid ID: A-232440670
{
"affected": [],
"aliases": [
"CVE-2021-39815"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-08-24T14:15:00Z",
"severity": "CRITICAL"
},
"details": "The PowerVR GPU driver allows unprivileged apps to allocated pinned memory, unpin it (which makes it available to be freed), and continue using the page in GPU calls. No privileges required and this results in kernel memory corruption.Product: AndroidVersions: Android SoCAndroid ID: A-232440670",
"id": "GHSA-92r8-v8q7-fwwr",
"modified": "2022-08-29T20:06:57Z",
"published": "2022-08-25T00:00:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39815"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2022-08-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-92V7-XCRJ-5XCX
Vulnerability from github – Published: 2022-10-15 12:01 – Updated: 2022-10-15 12:01Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
{
"affected": [],
"aliases": [
"CVE-2022-38442"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-10-14T20:15:00Z",
"severity": "HIGH"
},
"details": "Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
"id": "GHSA-92v7-xcrj-5xcx",
"modified": "2022-10-15T12:01:01Z",
"published": "2022-10-15T12:01:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38442"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/dimension/apsb22-57.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-92VG-PX9C-73FC
Vulnerability from github – Published: 2025-03-03 12:30 – Updated: 2025-03-03 12:30Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.
{
"affected": [],
"aliases": [
"CVE-2024-43059"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-03T11:15:12Z",
"severity": "HIGH"
},
"details": "Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.",
"id": "GHSA-92vg-px9c-73fc",
"modified": "2025-03-03T12:30:32Z",
"published": "2025-03-03T12:30:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43059"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-92VW-CM5R-XG2F
Vulnerability from github – Published: 2022-05-14 01:54 – Updated: 2022-05-14 01:54A use-after-free in nsINode::ReplaceOrInsertBefore during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox < 50.
{
"affected": [],
"aliases": [
"CVE-2016-9069"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-10-18T13:29:00Z",
"severity": "HIGH"
},
"details": "A use-after-free in nsINode::ReplaceOrInsertBefore during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox \u003c 50.",
"id": "GHSA-92vw-cm5r-xg2f",
"modified": "2022-05-14T01:54:35Z",
"published": "2022-05-14T01:54:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9069"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1308922"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2016-89"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/94337"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1037298"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9324-W9GG-MXF6
Vulnerability from github – Published: 2022-05-14 03:27 – Updated: 2022-05-14 03:27A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely.
{
"affected": [],
"aliases": [
"CVE-2017-15129"
],
"database_specific": {
"cwe_ids": [
"CWE-362",
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-01-09T19:29:00Z",
"severity": "MODERATE"
},
"details": "A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely.",
"id": "GHSA-9324-w9gg-mxf6",
"modified": "2022-05-14T03:27:13Z",
"published": "2022-05-14T03:27:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15129"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/21b5944350052d2583e82dd59b19a9ba94a007f0"
},
{
"type": "WEB",
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.11"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3632-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3619-2"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3619-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3617-3"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3617-2"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3617-1"
},
{
"type": "WEB",
"url": "https://marc.info/?t=151370468900001\u0026r=1\u0026w=2"
},
{
"type": "WEB",
"url": "https://marc.info/?l=linux-netdev\u0026m=151370451121029\u0026w=2"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531174"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2017-15129"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:1946"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:1062"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:0654"
},
{
"type": "WEB",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=21b5944350052d2583e82dd59b19a9ba94a007f0"
},
{
"type": "WEB",
"url": "http://seclists.org/oss-sec/2018/q1/7"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/102485"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
Strategy: Language Selection
Choose a language that provides automatic memory management.
Mitigation
Strategy: Attack Surface Reduction
When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.
No CAPEC attack patterns related to this CWE.