CWE-416
AllowedUse After Free
Abstraction: Variant · Status: Stable
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
9821 vulnerabilities reference this CWE, most recent first.
GHSA-QF77-WCX3-JV3R
Vulnerability from github – Published: 2022-05-13 01:26 – Updated: 2022-05-13 01:26Use-after-free vulnerability in the garbage-collection functionality in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving PDF documents.
{
"affected": [],
"aliases": [
"CVE-2011-3957"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2012-02-09T04:10:00Z",
"severity": "HIGH"
},
"details": "Use-after-free vulnerability in the garbage-collection functionality in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving PDF documents.",
"id": "GHSA-qf77-wcx3-jv3r",
"modified": "2022-05-13T01:26:54Z",
"published": "2022-05-13T01:26:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-3957"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14675"
},
{
"type": "WEB",
"url": "http://code.google.com/p/chromium/issues/detail?id=104056"
},
{
"type": "WEB",
"url": "http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-QF7F-CCGX-QPH7
Vulnerability from github – Published: 2022-05-24 19:02 – Updated: 2023-08-02 00:30Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31176, CVE-2021-31177, CVE-2021-31179.
{
"affected": [],
"aliases": [
"CVE-2021-31175"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-05-11T19:15:00Z",
"severity": "HIGH"
},
"details": "Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31176, CVE-2021-31177, CVE-2021-31179.",
"id": "GHSA-qf7f-ccgx-qph7",
"modified": "2023-08-02T00:30:31Z",
"published": "2022-05-24T19:02:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31175"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31175"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-580"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QF82-94VJ-MPP3
Vulnerability from github – Published: 2025-10-10 12:30 – Updated: 2025-10-10 12:30A use after free vulnerability exists in VS6ComFile!load_link_inf of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution.
{
"affected": [],
"aliases": [
"CVE-2025-61864"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-10T11:15:44Z",
"severity": "HIGH"
},
"details": "A use after free vulnerability exists in VS6ComFile!load_link_inf of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system\u0027s abnormal end (ABEND), and arbitrary code execution.",
"id": "GHSA-qf82-94vj-mpp3",
"modified": "2025-10-10T12:30:56Z",
"published": "2025-10-10T12:30:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61864"
},
{
"type": "WEB",
"url": "https://jvn.jp/en/vu/JVNVU90008453"
},
{
"type": "WEB",
"url": "https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-QF8C-938W-PVRW
Vulnerability from github – Published: 2023-09-28 18:30 – Updated: 2024-01-31 18:31Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: High)
{
"affected": [],
"aliases": [
"CVE-2023-5186"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-28T16:15:10Z",
"severity": "HIGH"
},
"details": "Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: High)",
"id": "GHSA-qf8c-938w-pvrw",
"modified": "2024-01-31T18:31:20Z",
"published": "2023-09-28T18:30:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5186"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html"
},
{
"type": "WEB",
"url": "https://crbug.com/1478889"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202401-34"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2023/dsa-5508"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QF8P-3M5C-7Q58
Vulnerability from github – Published: 2024-10-09 12:30 – Updated: 2024-10-09 12:30Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
{
"affected": [],
"aliases": [
"CVE-2024-47414"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-09T10:15:05Z",
"severity": "HIGH"
},
"details": "Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
"id": "GHSA-qf8p-3m5c-7q58",
"modified": "2024-10-09T12:30:51Z",
"published": "2024-10-09T12:30:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47414"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/animate/apsb24-76.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QF96-XW5W-6QV3
Vulnerability from github – Published: 2025-04-04 03:30 – Updated: 2025-04-04 03:30Use after free in Microsoft Edge (Chromium-based) allows an authorized attacker to execute code over a network.
{
"affected": [],
"aliases": [
"CVE-2025-29815"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-04T01:15:39Z",
"severity": "HIGH"
},
"details": "Use after free in Microsoft Edge (Chromium-based) allows an authorized attacker to execute code over a network.",
"id": "GHSA-qf96-xw5w-6qv3",
"modified": "2025-04-04T03:30:20Z",
"published": "2025-04-04T03:30:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29815"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29815"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-QFC2-WXRW-H7H2
Vulnerability from github – Published: 2025-02-03 12:31 – Updated: 2025-02-03 18:30Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to make improper GPU processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r48p0 through r49p1, from r50p0 through r52p0; Arm 5th Gen GPU Architecture Kernel Driver: from r48p0 through r49p1, from r50p0 through r52p0.
{
"affected": [],
"aliases": [
"CVE-2025-0015"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-03T11:15:09Z",
"severity": "HIGH"
},
"details": "Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to make improper GPU processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r48p0 through r49p1, from r50p0 through r52p0; Arm 5th Gen GPU Architecture Kernel Driver: from r48p0 through r49p1, from r50p0 through r52p0.",
"id": "GHSA-qfc2-wxrw-h7h2",
"modified": "2025-02-03T18:30:41Z",
"published": "2025-02-03T12:31:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0015"
},
{
"type": "WEB",
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QFC3-2VG2-G84P
Vulnerability from github – Published: 2022-12-21 15:30 – Updated: 2022-12-21 15:30In extract_metadata of dm-android-verity.c, there is a possible way to corrupt kernel memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234030265References: Upstream kernel
{
"affected": [],
"aliases": [
"CVE-2022-20571"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-16T16:15:00Z",
"severity": "MODERATE"
},
"details": "In extract_metadata of dm-android-verity.c, there is a possible way to corrupt kernel memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234030265References: Upstream kernel",
"id": "GHSA-qfc3-2vg2-g84p",
"modified": "2022-12-21T15:30:17Z",
"published": "2022-12-21T15:30:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20571"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/pixel/2022-12-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QFC3-X2FP-77V6
Vulnerability from github – Published: 2022-05-14 01:41 – Updated: 2022-05-14 01:41In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, There is no synchronization between msm_vb2 buffer operations which can lead to use after free.
{
"affected": [],
"aliases": [
"CVE-2017-9704"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-12-20T15:29:00Z",
"severity": "HIGH"
},
"details": "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, There is no synchronization between msm_vb2 buffer operations which can lead to use after free.",
"id": "GHSA-qfc3-x2fp-77v6",
"modified": "2022-05-14T01:41:58Z",
"published": "2022-05-14T01:41:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9704"
},
{
"type": "WEB",
"url": "https://www.codeaurora.org/security-bulletin/2018/12/03/december-2018-code-aurora-security-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QFCC-9M6R-R23M
Vulnerability from github – Published: 2022-08-25 00:00 – Updated: 2022-08-29 20:06A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this use-after-free to crash the system or possibly escalate privileges on the system.
{
"affected": [],
"aliases": [
"CVE-2021-4028"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-08-24T16:15:00Z",
"severity": "HIGH"
},
"details": "A flaw in the Linux kernel\u0027s implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this use-after-free to crash the system or possibly escalate privileges on the system.",
"id": "GHSA-qfcc-9m6r-r23m",
"modified": "2022-08-29T20:06:48Z",
"published": "2022-08-25T00:00:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4028"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2021-4028"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2027201"
},
{
"type": "WEB",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1193167#c0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bc0bdc5afaa74"
},
{
"type": "WEB",
"url": "https://lkml.org/lkml/2021/10/4/697"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20221228-0002"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
Strategy: Language Selection
Choose a language that provides automatic memory management.
Mitigation
Strategy: Attack Surface Reduction
When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.
No CAPEC attack patterns related to this CWE.