Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,551)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-47196 1Linux 1Linux Kernel Jun 17, 2026 Apr 10, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Set send and receive CQ before forwarding to the driver Preset both receive and send CQ pointers prior to call to the drivers and overwrite...Show more In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Set send and receive CQ before forwarding to the driver Preset both receive and send CQ pointers prior to call to the drivers and overwrite it later again till the mlx4 is going to be changed do not overwrite ibqp properties. This change is needed for mlx5, because in case of QP creation failure, it will go to the path of QP destroy which relies on proper CQ pointers. BUG: KASAN: use-after-free in create_qp.cold+0x164/0x16e [mlx5_ib] Write of size 8 at addr ffff8880064c55c0 by task a.out/246 CPU: 0 PID: 246 Comm: a.out Not tainted 5.15.0+ #291 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014 Call Trace: dump_stack_lvl+0x45/0x59 print_address_description.constprop.0+0x1f/0x140 kasan_report.cold+0x83/0xdf create_qp.cold+0x164/0x16e [mlx5_ib] mlx5_ib_create_qp+0x358/0x28a0 [mlx5_ib] create_qp.part.0+0x45b/0x6a0 [ib_core] ib_create_qp_user+0x97/0x150 [ib_core] ib_uverbs_handler_UVERBS_METHOD_QP_CREATE+0x92c/0x1250 [ib_uverbs] ib_uverbs_cmd_verbs+0x1c38/0x3150 [ib_uverbs] ib_uverbs_ioctl+0x169/0x260 [ib_uverbs] __x64_sys_ioctl+0x866/0x14d0 do_syscall_64+0x3d/0x90 entry_SYSCALL_64_after_hwframe+0x44/0xae Allocated by task 246: kasan_save_stack+0x1b/0x40 __kasan_kmalloc+0xa4/0xd0 create_qp.part.0+0x92/0x6a0 [ib_core] ib_create_qp_user+0x97/0x150 [ib_core] ib_uverbs_handler_UVERBS_METHOD_QP_CREATE+0x92c/0x1250 [ib_uverbs] ib_uverbs_cmd_verbs+0x1c38/0x3150 [ib_uverbs] ib_uverbs_ioctl+0x169/0x260 [ib_uverbs] __x64_sys_ioctl+0x866/0x14d0 do_syscall_64+0x3d/0x90 entry_SYSCALL_64_after_hwframe+0x44/0xae Freed by task 246: kasan_save_stack+0x1b/0x40 kasan_set_track+0x1c/0x30 kasan_set_free_info+0x20/0x30 __kasan_slab_free+0x10c/0x150 slab_free_freelist_hook+0xb4/0x1b0 kfree+0xe7/0x2a0 create_qp.part.0+0x52b/0x6a0 [ib_core] ib_create_qp_user+0x97/0x150 [ib_core] ib_uverbs_handler_UVERBS_METHOD_QP_CREATE+0x92c/0x1250 [ib_uverbs] ib_uverbs_cmd_verbs+0x1c38/0x3150 [ib_uverbs] ib_uverbs_ioctl+0x169/0x260 [ib_uverbs] __x64_sys_ioctl+0x866/0x14d0 do_syscall_64+0x3d/0x90 entry_SYSCALL_64_after_hwframe+0x44/0xaeShow less
CVE-2021-47195 1Linux 1Linux Kernel Jun 17, 2026 Apr 10, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free of the add_lock mutex Commit 6098475d4cb4 ("spi: Fix deadlock when adding SPI controllers on SPI buses") introduced a per-cont...Show more In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free of the add_lock mutex Commit 6098475d4cb4 ("spi: Fix deadlock when adding SPI controllers on SPI buses") introduced a per-controller mutex. But mutex_unlock() of said lock is called after the controller is already freed: spi_unregister_controller(ctlr) -> put_device(&ctlr->dev) -> spi_controller_release(dev) -> mutex_unlock(&ctrl->add_lock) Move the put_device() after the mutex_unlock().Show less
CVE-2024-29043 1Microsoft 3Odbc Driver For Sql Server Sql Server 2019Sql Server 2022 Jun 17, 2026 Apr 9, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-26241 1Microsoft 11Windows 10 1507 Windows 10 1607Windows 10 1809+8 more Jun 17, 2026 Apr 9, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Win32k Elevation of Privilege Vulnerability
CVE-2024-26237 1Microsoft 9Windows 10 1809 Windows 10 21h2Windows 10 22h2+6 more Jun 17, 2026 Apr 9, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Defender Credential Guard Elevation of Privilege Vulnerability
CVE-2024-26233 1Microsoft 4Windows Server 2016 Windows Server 2019Windows Server 2022+1 more Jun 17, 2026 Apr 9, 2024 N/A· v4 6.6 MEDIUM· v3 N/A· v2 Windows DNS Server Remote Code Execution Vulnerability
CVE-2024-26231 1Microsoft 4Windows Server 2016 Windows Server 2019Windows Server 2022+1 more Jun 17, 2026 Apr 9, 2024 N/A· v4 6.6 MEDIUM· v3 N/A· v2 Windows DNS Server Remote Code Execution Vulnerability
CVE-2024-26230 1Microsoft 14Windows 10 1507 Windows 10 1607Windows 10 1809+11 more Jun 17, 2026 Apr 9, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Telephony Server Elevation of Privilege Vulnerability
CVE-2024-26227 1Microsoft 4Windows Server 2016 Windows Server 2019Windows Server 2022+1 more Jun 17, 2026 Apr 9, 2024 N/A· v4 6.6 MEDIUM· v3 N/A· v2 Windows DNS Server Remote Code Execution Vulnerability
CVE-2024-26224 1Microsoft 4Windows Server 2016 Windows Server 2019Windows Server 2022+1 more Jun 17, 2026 Apr 9, 2024 N/A· v4 6.6 MEDIUM· v3 N/A· v2 Windows DNS Server Remote Code Execution Vulnerability
CVE-2024-26223 1Microsoft 4Windows Server 2016 Windows Server 2019Windows Server 2022+1 more Jun 17, 2026 Apr 9, 2024 N/A· v4 6.6 MEDIUM· v3 N/A· v2 Windows DNS Server Remote Code Execution Vulnerability
CVE-2024-26222 1Microsoft 4Windows Server 2016 Windows Server 2019Windows Server 2022+1 more Jun 17, 2026 Apr 9, 2024 N/A· v4 6.6 MEDIUM· v3 N/A· v2 Windows DNS Server Remote Code Execution Vulnerability
CVE-2024-26221 1Microsoft 4Windows Server 2016 Windows Server 2019Windows Server 2022+1 more Jun 17, 2026 Apr 9, 2024 N/A· v4 6.6 MEDIUM· v3 N/A· v2 Windows DNS Server Remote Code Execution Vulnerability
CVE-2024-21409 1Microsoft 4.net .net FrameworkPowershell+1 more Jun 17, 2026 Apr 9, 2024 N/A· v4 7.3 HIGH· v3 N/A· v2 .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
CVE-2024-23658 1Google 1Android Jun 17, 2026 Apr 8, 2024 N/A· v4 4.4 MEDIUM· v3 N/A· v2 In camera driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed
CVE-2024-30416 1Huawei 2Emui Harmonyos Jun 17, 2026 Apr 7, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Use After Free (UAF) vulnerability in the underlying driver module. Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-3158 1Google 1Chrome Jun 17, 2026 Apr 6, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Bookmarks in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-2312 2Gnu Netapp 2Bootstrap Os Grub2 Jun 17, 2026 Apr 5, 2024 N/A· v4 6.7 MEDIUM· v3 N/A· v2 GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secur...Show more GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass.Show less
CVE-2024-31083 - - Jun 17, 2026 Apr 5, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulti...Show more A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request.Show less
CVE-2024-3299 - - Jun 17, 2026 Apr 4, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Out-Of-Bounds Write, Use of Uninitialized Resource and Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities c...Show more Out-Of-Bounds Write, Use of Uninitialized Resource and Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted SLDDRW or SLDPRT file. NOTE: this vulnerability was SPLIT from CVE-2024-1847.Show less

Previous 1...159160161...378 Next