Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CVEs (7,455)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-30522 2Fedoraproject Google 2Chrome Fedora Nov 21, 2024 Jun 7, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in WebAudio in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-36387 2Linux Netapp 9H300e Firmware H300s FirmwareH410c Firmware+6 more Nov 21, 2024 Jun 7, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An issue was discovered in the Linux kernel before 5.8.2. fs/io_uring.c has a use-after-free related to io_async_task_func and ctx reference holding, aka CID-6d816e088c35.
CVE-2019-25045 2Linux Netapp 22Aff 8300 Firmware Aff 8700 FirmwareAff A400 Firmware+19 more Nov 21, 2024 Jun 7, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46.
CVE-2018-25015 2Linux Netapp 9H300e Firmware H300s FirmwareH410c Firmware+6 more Nov 21, 2024 Jun 7, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 An issue was discovered in the Linux kernel before 4.14.16. There is a use-after-free in net/sctp/socket.c for a held lock after a peel off, aka CID-a0ff660058b8.
CVE-2020-36385 3Linux NetappStarwindsoftware 11H300e Firmware H300s FirmwareH410c Firmware+8 more Nov 21, 2024 Jun 7, 2021 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka...Show more An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.Show less
CVE-2021-30520 2Fedoraproject Google 2Chrome Fedora Nov 21, 2024 Jun 4, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in Tab Strip in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30519 2Fedoraproject Google 2Chrome Fedora Nov 21, 2024 Jun 4, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in Payments in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious payments app to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30515 2Fedoraproject Google 2Chrome Fedora Nov 21, 2024 Jun 4, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in File API in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30514 2Fedoraproject Google 2Chrome Fedora Nov 21, 2024 Jun 4, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in Autofill in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30512 2Fedoraproject Google 2Chrome Fedora Nov 21, 2024 Jun 4, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in Notifications in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30510 2Fedoraproject Google 2Chrome Fedora Nov 21, 2024 Jun 4, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in Aura in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-7469 2Freebsd Netapp 2Clustered Data Ontap Freebsd Nov 21, 2024 Jun 4, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In FreeBSD 12.2-STABLE before r367402, 11.4-STABLE before r368202, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 the handler for a routing option caches a pointer into the packet buffer holdi...Show more In FreeBSD 12.2-STABLE before r367402, 11.4-STABLE before r368202, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 the handler for a routing option caches a pointer into the packet buffer holding the ICMPv6 message. However, when processing subsequent options the packet buffer may be freed, rendering the cached pointer invalid. The network stack may later dereference the pointer, potentially triggering a use-after-free.Show less
CVE-2021-30474 1Aomedia 1Aomedia Nov 21, 2024 Jun 2, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 aom_dsp/grain_table.c in libaom in AOMedia before 2021-03-30 has a use-after-free.
CVE-2021-3543 3Fedoraproject Nitro Enclaves ProjectRedhat 3Enterprise Linux FedoraNitro Enclaves Nov 21, 2024 Jun 1, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 A flaw null pointer dereference in the Nitro Enclaves kernel driver was found in the way that Enclaves VMs forces closures on the enclave file descriptor. A local user of a host machine could use this flaw to crash the s...Show more A flaw null pointer dereference in the Nitro Enclaves kernel driver was found in the way that Enclaves VMs forces closures on the enclave file descriptor. A local user of a host machine could use this flaw to crash the system or escalate their privileges on the system.Show less
CVE-2021-3516 6Debian FedoraprojectNetapp+3 more 9Clustered Data Ontap Clustered Data Ontap Antivirus ConnectorDebian Linux+6 more Nov 21, 2024 Jun 1, 2021 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidenti...Show more There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.Show less
CVE-2021-20292 4Debian FedoraprojectLinux+1 more 4Debian Linux Enterprise LinuxFedora+1 more Nov 21, 2024 May 28, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. The issue results from the lack of validating the exist...Show more There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker with a local account with a root privilege, can leverage this vulnerability to escalate privileges and execute code in the context of the kernel.Show less
CVE-2020-35506 1Qemu 1Qemu Nov 21, 2024 May 28, 2021 N/A· v4 6.7 MEDIUM· v3 4.6 MEDIUM· v2 A use-after-free vulnerability was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0 during the handling of the 'Information Transfer' command (CMD_TI). This flaw allows a privileged...Show more A use-after-free vulnerability was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0 during the handling of the 'Information Transfer' command (CMD_TI). This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service or potential code execution with the privileges of the QEMU process.Show less
CVE-2021-30469 3Fedoraproject Podofo ProjectRedhat 3Enterprise Linux FedoraPodofo Nov 21, 2024 May 26, 2021 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 A flaw was found in PoDoFo 0.9.7. An use-after-free in PoDoFo::PdfVecObjects::Clear() function can cause a denial of service via a crafted PDF file.
CVE-2020-25669 3Debian LinuxNetapp 13Cloud Backup Debian LinuxH300e Firmware+10 more Nov 21, 2024 May 26, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there i...Show more A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit causing Use After Free.Show less
CVE-2020-25671 4Debian FedoraprojectLinux+1 more 14Active Iq Unified Manager Cloud BackupDebian Linux+11 more Nov 21, 2024 May 26, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations.

Previous 1...256257258...373 Next