Common Weakness Enumeration

CWE-416

Allowed

Use After Free

Abstraction: Variant · Status: Stable

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

9821 vulnerabilities reference this CWE, most recent first.

GHSA-92JC-4J34-WJ49

Vulnerability from github – Published: 2024-11-12 18:30 – Updated: 2024-11-12 18:30
VLAI
Details

Microsoft Windows VMSwitch Elevation of Privilege Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-43625"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-12T18:15:30Z",
    "severity": "HIGH"
  },
  "details": "Microsoft Windows VMSwitch Elevation of Privilege Vulnerability",
  "id": "GHSA-92jc-4j34-wj49",
  "modified": "2024-11-12T18:30:58Z",
  "published": "2024-11-12T18:30:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43625"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43625"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-92JC-J25W-49C2

Vulnerability from github – Published: 2022-05-25 00:00 – Updated: 2022-06-02 00:00
VLAI
Details

A use after free in info_width_internal in bk_info.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-42614"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-05-24T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "A use after free in info_width_internal in bk_info.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document.",
  "id": "GHSA-92jc-j25w-49c2",
  "modified": "2022-06-02T00:00:40Z",
  "published": "2022-05-25T00:00:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42614"
    },
    {
      "type": "WEB",
      "url": "https://carteryagemann.com/halibut-case-study.html#poc-halibut-info-uaf"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CC7UZ7NRXDA7YSCSGWE2CBQM7OZS3K2R"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-92PX-PRX4-PM8C

Vulnerability from github – Published: 2022-05-17 01:18 – Updated: 2025-04-12 13:02
VLAI
Details

Use-after-free vulnerability in IOSurface in Apple OS X before 10.11.6 allows local users to gain privileges via unspecified vectors.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2016-4625"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-07-22T02:59:00Z",
    "severity": "HIGH"
  },
  "details": "Use-after-free vulnerability in IOSurface in Apple OS X before 10.11.6 allows local users to gain privileges via unspecified vectors.",
  "id": "GHSA-92px-prx4-pm8c",
  "modified": "2025-04-12T13:02:47Z",
  "published": "2022-05-17T01:18:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4625"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT206903"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/40653"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/40669"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/91824"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1036348"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-92QQ-CMW4-J32X

Vulnerability from github – Published: 2022-05-13 01:26 – Updated: 2022-05-13 01:26
VLAI
Details

Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2011-2853"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-09-19T12:02:00Z",
    "severity": "HIGH"
  },
  "details": "Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling.",
  "id": "GHSA-92qq-cmw4-j32x",
  "modified": "2022-05-13T01:26:49Z",
  "published": "2022-05-13T01:26:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2853"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69880"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14395"
    },
    {
      "type": "WEB",
      "url": "http://code.google.com/p/chromium/issues/detail?id=91197"
    },
    {
      "type": "WEB",
      "url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/75555"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-92R6-GVJM-2F7Q

Vulnerability from github – Published: 2022-05-24 19:15 – Updated: 2022-05-24 19:15
VLAI
Details

In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05425834.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-0612"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-09-27T12:15:00Z",
    "severity": "HIGH"
  },
  "details": "In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05425834.",
  "id": "GHSA-92r6-gvjm-2f7q",
  "modified": "2022-05-24T19:15:53Z",
  "published": "2022-05-24T19:15:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0612"
    },
    {
      "type": "WEB",
      "url": "https://corp.mediatek.com/product-security-bulletin/September-2021"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-92R8-V8Q7-FWWR

Vulnerability from github – Published: 2022-08-25 00:00 – Updated: 2022-08-29 20:06
VLAI
Details

The PowerVR GPU driver allows unprivileged apps to allocated pinned memory, unpin it (which makes it available to be freed), and continue using the page in GPU calls. No privileges required and this results in kernel memory corruption.Product: AndroidVersions: Android SoCAndroid ID: A-232440670

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-39815"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-08-24T14:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "The PowerVR GPU driver allows unprivileged apps to allocated pinned memory, unpin it (which makes it available to be freed), and continue using the page in GPU calls. No privileges required and this results in kernel memory corruption.Product: AndroidVersions: Android SoCAndroid ID: A-232440670",
  "id": "GHSA-92r8-v8q7-fwwr",
  "modified": "2022-08-29T20:06:57Z",
  "published": "2022-08-25T00:00:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39815"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/2022-08-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-92V7-XCRJ-5XCX

Vulnerability from github – Published: 2022-10-15 12:01 – Updated: 2022-10-15 12:01
VLAI
Details

Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-38442"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-10-14T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "Adobe Dimension versions 3.4.5 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
  "id": "GHSA-92v7-xcrj-5xcx",
  "modified": "2022-10-15T12:01:01Z",
  "published": "2022-10-15T12:01:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38442"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/dimension/apsb22-57.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-92VG-PX9C-73FC

Vulnerability from github – Published: 2025-03-03 12:30 – Updated: 2025-03-03 12:30
VLAI
Details

Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-43059"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-03T11:15:12Z",
    "severity": "HIGH"
  },
  "details": "Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.",
  "id": "GHSA-92vg-px9c-73fc",
  "modified": "2025-03-03T12:30:32Z",
  "published": "2025-03-03T12:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43059"
    },
    {
      "type": "WEB",
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-92VW-CM5R-XG2F

Vulnerability from github – Published: 2022-05-14 01:54 – Updated: 2022-05-14 01:54
VLAI
Details

A use-after-free in nsINode::ReplaceOrInsertBefore during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox < 50.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2016-9069"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-10-18T13:29:00Z",
    "severity": "HIGH"
  },
  "details": "A use-after-free in nsINode::ReplaceOrInsertBefore during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox \u003c 50.",
  "id": "GHSA-92vw-cm5r-xg2f",
  "modified": "2022-05-14T01:54:35Z",
  "published": "2022-05-14T01:54:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9069"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1308922"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2016-89"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/94337"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1037298"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9324-W9GG-MXF6

Vulnerability from github – Published: 2022-05-14 03:27 – Updated: 2022-05-14 03:27
VLAI
Details

A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-15129"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-362",
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-01-09T19:29:00Z",
    "severity": "MODERATE"
  },
  "details": "A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely.",
  "id": "GHSA-9324-w9gg-mxf6",
  "modified": "2022-05-14T03:27:13Z",
  "published": "2022-05-14T03:27:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15129"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/21b5944350052d2583e82dd59b19a9ba94a007f0"
    },
    {
      "type": "WEB",
      "url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.11"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3632-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3619-2"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3619-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3617-3"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3617-2"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3617-1"
    },
    {
      "type": "WEB",
      "url": "https://marc.info/?t=151370468900001\u0026r=1\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "https://marc.info/?l=linux-netdev\u0026m=151370451121029\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531174"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2017-15129"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:1946"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:1062"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:0676"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:0654"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=21b5944350052d2583e82dd59b19a9ba94a007f0"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/oss-sec/2018/q1/7"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/102485"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design

Strategy: Language Selection

Choose a language that provides automatic memory management.

Mitigation
Implementation

Strategy: Attack Surface Reduction

When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.

No CAPEC attack patterns related to this CWE.