CWE-416
7,425 CVEs • Abstraction: Variant • Likelihood of Exploit: High
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
CVEs (7,425)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
In the Android kernel in the mnh driver there is a race condition due to insufficient locking. This could lead to a use-after-free which could lead to escalation of privilege with System execution privileges needed. User...Show more |
2Libslirp Project Qemu2Libslirp QemuNov 21, 2024 Sep 6, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. |
In SensorManager::assertStateLocked of SensorManager.cpp in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no addi...Show more |
An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c. |
2Linux Opensuse2Leap Linux KernelNov 21, 2024 Sep 4, 2019 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 An issue was discovered in the Linux kernel before 5.0.10. SMB2_read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents a memory leak. |
An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free. |
3Debian LinuxOpensuse3Debian Linux LeapLinux KernelNov 21, 2024 Sep 4, 2019 N/A· v4 7.0 HIGH· v3 6.9 MEDIUM· v2 An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c. |
2Debian Videolan2Debian Linux Vlc Media PlayerNov 21, 2024 Aug 29, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 The mkv::virtual_segment_c::seek method of demux/mkv/virtual_segment.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free. |
2Debian Videolan2Debian Linux Vlc Media PlayerNov 21, 2024 Aug 29, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 The Control function of demux/mkv/mkv.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free. |
2Debian Videolan2Debian Linux Vlc Media PlayerNov 21, 2024 Aug 29, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 The Control function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 has a use-after-free. |
2Canonical Irssi2Irssi Ubuntu LinuxNov 21, 2024 Aug 29, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends a double CAP. |
Use After Free vulnerability in the Zephyr shell allows a serial or telnet connected user to cause denial of service, and possibly remote code execution. This issue affects: Zephyr shell versions prior to 1.14.0 on all. |
A use-after-free flaw in the sandbox container implemented in cmdguard.sys in Comodo Antivirus 12.0.0.6870 can be triggered due to a race condition when handling IRP_MJ_CLEANUP requests in the minifilter for directory ch...Show more |
1Rust Openssl Project 1Rust Openssl Nov 21, 2024 Aug 26, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in the openssl crate before 0.10.9 for Rust. A use-after-free occurs in CMS Signing. |
An issue was discovered in the libflate crate before 0.1.25 for Rust. MultiDecoder::read has a use-after-free, leading to arbitrary code execution. |
Use-after-free vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a use-after-free vulnerability, which may resul...Show more |
3Canonical DebianLinux3Debian Linux Linux KernelUbuntu LinuxNov 21, 2024 Aug 21, 2019 N/A· v4 4.7 MEDIUM· v3 10.0 HIGH· v2 An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c. |
1Adobe 2Acrobat Dc Acrobat Reader DcNov 21, 2024 Aug 20, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use aft...Show more |
1Adobe 2Acrobat Dc Acrobat Reader DcNov 21, 2024 Aug 20, 2019 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use aft...Show more |
1Adobe 2Acrobat Dc Acrobat Reader DcNov 21, 2024 Aug 20, 2019 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use aft...Show more |