CWE-416

Use After Free

VariantStableLikelihood: High

Description

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

Hierarchy (View 1000)

Parents

CWE-825

Children

none

CVEs mapped to this weakness (1,889)

page 73 of 95

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2024-49925	Linux Kernel	Med	0.36	5.5	0.00	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: fbdev: efifb: Register sysfs groups through driver core The driver core can register and cleanup sysfs groups already. Make use of that functionality to simplify the error handling and cleanup. Also avoid a…
CVE-2024-47706	Linux Kernel	Med	0.36	5.5	0.00	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq->bic with merge chain 1) initial state, three tasks: Process 1 Process 2 Process 3 (BIC1) (BIC2) (BIC3) \| Λ \| Λ \| Λ \| \|…
CVE-2024-45016	Linux Kernel	Med	0.36	5.5	0.00	Sep 11, 2024	In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqueue() introduced by commit 5845f706388a ("net: netem: fix skb length BUG_ON in __skb_to_sgvec") that can lead to a use-after-free.…
CVE-2024-35865	Linux Kernel	Med	0.36	5.5	0.00	May 19, 2024	In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
CVE-2024-35811	Linux Kernel	Med	0.36	5.5	0.00	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach This is the candidate patch of CVE-2023-47233 : https://nvd.nist.gov/vuln/detail/CVE-2023-47233 In brcm80211 driver,it starts with the following…
CVE-2023-5447	Synaptics Synaptics Hardware Support App	Med	0.36	5.5	0.00	May 14, 2024	Missing lock check in SynHsaService may create a use-after-free condition which causes abnormal termination of the service, resulting in denial of service for the Synaptics Hardware Support App.
CVE-2023-49676	—	Med	0.36	5.5	0.00	May 6, 2024	An unauthenticated local attacker may trick a user to open corrupted project files to crash the system due to use after free vulnerability.
CVE-2024-23848	Linux Kernel	Med	0.36	5.5	0.00	Jan 23, 2024	In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.
CVE-2017-17975	Linux Kernel	Med	0.36	5.5	0.00	Dec 30, 2017	Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a…
CVE-2017-17820	Nasm NASM	Med	0.36	5.5	0.00	Dec 21, 2017	In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_list_one_macro in asm/preproc.c that will lead to a remote denial of service attack, related to mishandling of operand-type errors.
CVE-2017-17817	Nasm NASM	Med	0.36	5.5	0.00	Dec 21, 2017	In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_verror in asm/preproc.c that will cause a remote denial of service attack.
CVE-2017-17816	Nasm NASM	Med	0.36	5.5	0.00	Dec 21, 2017	In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_getline in asm/preproc.c that will cause a remote denial of service attack.
CVE-2017-17814	Nasm NASM	Med	0.36	5.5	0.00	Dec 21, 2017	In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in do_directive in asm/preproc.c that will cause a remote denial of service attack.
CVE-2017-17813	Nasm NASM	Med	0.36	5.5	0.00	Dec 21, 2017	In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in the pp_list_one_macro function in asm/preproc.c that will cause a remote denial of service attack, related to mishandling of line-syntax errors.
CVE-2017-15642	Sound Exchange Project Sound Exchange	Med	0.36	5.5	0.01	Oct 19, 2017	In lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there is a Use-After-Free vulnerability triggered by supplying a malformed AIFF file.
CVE-2017-14857	Exiv2 Exiv2	Med	0.36	5.5	0.00	Sep 29, 2017	In Exiv2 0.26, there is an invalid free in the Image class in image.cpp that leads to a Segmentation fault. A crafted input will lead to a denial of service attack.
CVE-2017-6420	ClamAV Clamav	Med	0.36	5.5	0.00	Aug 7, 2017	The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression.
CVE-2017-9762	Radare Radare2	Med	0.36	5.5	0.00	Jun 19, 2017	The cmd_info function in libr/core/cmd_info.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted binary file.
CVE-2017-9520	Radare Radare2	Med	0.36	5.5	0.00	Jun 8, 2017	The r_config_set function in libr/config/config.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted DEX file.
CVE-2017-8846	Ckolivas Lrzip	Med	0.36	5.5	0.01	May 8, 2017	The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted archive.

CVE-2024-49925MedOct 21, 2024
Linux
Kernel
risk 0.36cvss 5.5epss 0.00
In the Linux kernel, the following vulnerability has been resolved: fbdev: efifb: Register sysfs groups through driver core The driver core can register and cleanup sysfs groups already. Make use of that functionality to simplify the error handling and cleanup. Also avoid a…
CVE-2024-47706MedOct 21, 2024
Linux
Kernel
risk 0.36cvss 5.5epss 0.00
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq->bic with merge chain 1) initial state, three tasks: Process 1 Process 2 Process 3 (BIC1) (BIC2) (BIC3) | Λ | Λ | Λ | |…
CVE-2024-45016MedSep 11, 2024
Linux
Kernel
risk 0.36cvss 5.5epss 0.00
In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqueue() introduced by commit 5845f706388a ("net: netem: fix skb length BUG_ON in __skb_to_sgvec") that can lead to a use-after-free.…
CVE-2024-35865MedMay 19, 2024
Linux
Kernel
risk 0.36cvss 5.5epss 0.00
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
CVE-2024-35811MedMay 17, 2024
Linux
Kernel
risk 0.36cvss 5.5epss 0.00
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach This is the candidate patch of CVE-2023-47233 : https://nvd.nist.gov/vuln/detail/CVE-2023-47233 In brcm80211 driver,it starts with the following…
CVE-2023-5447MedMay 14, 2024
Synaptics
Synaptics Hardware Support App
risk 0.36cvss 5.5epss 0.00
Missing lock check in SynHsaService may create a use-after-free condition which causes abnormal termination of the service, resulting in denial of service for the Synaptics Hardware Support App.
CVE-2023-49676MedMay 6, 2024
risk 0.36cvss 5.5epss 0.00
An unauthenticated local attacker may trick a user to open corrupted project files to crash the system due to use after free vulnerability.
CVE-2024-23848MedJan 23, 2024
Linux
Kernel
risk 0.36cvss 5.5epss 0.00
In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.
CVE-2017-17975MedDec 30, 2017
Linux
Kernel
risk 0.36cvss 5.5epss 0.00
Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a…
CVE-2017-17820MedDec 21, 2017
Nasm
NASM
risk 0.36cvss 5.5epss 0.00
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_list_one_macro in asm/preproc.c that will lead to a remote denial of service attack, related to mishandling of operand-type errors.
CVE-2017-17817MedDec 21, 2017
Nasm
NASM
risk 0.36cvss 5.5epss 0.00
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_verror in asm/preproc.c that will cause a remote denial of service attack.
CVE-2017-17816MedDec 21, 2017
Nasm
NASM
risk 0.36cvss 5.5epss 0.00
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_getline in asm/preproc.c that will cause a remote denial of service attack.
CVE-2017-17814MedDec 21, 2017
Nasm
NASM
risk 0.36cvss 5.5epss 0.00
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in do_directive in asm/preproc.c that will cause a remote denial of service attack.
CVE-2017-17813MedDec 21, 2017
Nasm
NASM
risk 0.36cvss 5.5epss 0.00
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in the pp_list_one_macro function in asm/preproc.c that will cause a remote denial of service attack, related to mishandling of line-syntax errors.
CVE-2017-15642MedOct 19, 2017
Sound Exchange Project
Sound Exchange
risk 0.36cvss 5.5epss 0.01
In lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there is a Use-After-Free vulnerability triggered by supplying a malformed AIFF file.
CVE-2017-14857MedSep 29, 2017
Exiv2
Exiv2
risk 0.36cvss 5.5epss 0.00
In Exiv2 0.26, there is an invalid free in the Image class in image.cpp that leads to a Segmentation fault. A crafted input will lead to a denial of service attack.
CVE-2017-6420MedAug 7, 2017
ClamAV
Clamav
risk 0.36cvss 5.5epss 0.00
The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression.
CVE-2017-9762MedJun 19, 2017
Radare
Radare2
risk 0.36cvss 5.5epss 0.00
The cmd_info function in libr/core/cmd_info.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted binary file.
CVE-2017-9520MedJun 8, 2017
Radare
Radare2
risk 0.36cvss 5.5epss 0.00
The r_config_set function in libr/config/config.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted DEX file.
CVE-2017-8846MedMay 8, 2017
Ckolivas
Lrzip
risk 0.36cvss 5.5epss 0.01
The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted archive.