CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,566 vulnerabilities with CWE-416
CVE-2022-48822 HIGH
Linux Kernel 4.9-5.16.10 Use-After-Free in USB FunctionFS Endpoint File Handling
CVSS 7.8
CVE-2022-48821 HIGH
Linux Kernel 5.1-5.3 - Use-After-Free in FASTRPC DMA Buffer Allocation
CVSS 7.8
CVE-2022-48801 HIGH
Linux Kernel 5.13-5.15.24 and 5.16.0-5.16.10 - Use-After-Free in IIO Buffer File Descriptor Handling
CVSS 7.8
CVE-2022-48796 HIGH
Linux Kernel 5.7-5.10.101, 5.11.0-5.15.24, 5.16.0-5.16.10 - Use-After-Free in IOMMU Probe
CVSS 7.8
CVE-2022-48792 HIGH
Linux Kernel - Use-After-Free in SCSI pm8001 SSP/STP Task Completion
CVSS 7.8
CVE-2022-48791 HIGH
Linux Kernel < 5.10.102, 5.11.0-5.15.25, 5.14.0-5.16.11 - Use-After-Free in SCSI PM8001 TMF Abort Handling
CVSS 7.8
CVE-2022-48790 HIGH
Linux Kernel < 5.16.11 NVMe Controller Reset Use-After-Free
CVSS 7.0
CVE-2022-48789 HIGH
Linux Kernel - Use-After-Free in NVMe-TCP Error Recovery Work
CVSS 7.8
CVE-2022-48788 HIGH
Linux Kernel - Use-After-Free in NVMe-RDMA Transport Error Recovery
CVSS 7.8
CVE-2022-48787 HIGH
Linux Kernel Use-After-Free in iwlwifi Driver
CVSS 7.8
CVE-2022-48783 HIGH
Linux Kernel 5.10.101-5.10.102, 5.15.24-5.15.25, 5.16.10-5.16.11 - Use-After-Free in gswip_remove()
CVSS 7.8
CVE-2022-48782 HIGH
Linux Kernel 5.16-5.16.10 - Use-After-Free in MCTP Key Acquisition
CVSS 7.8
CVE-2022-48779 HIGH
Linux Kernel 5.16-5.16.10 - Use-After-Free in ocelot_vlan_del()
CVSS 7.8
CVE-2022-48771 HIGH
Linux Kernel 4.14-5.16.3 - Use-After-Free via Stale File Descriptor in DRM vmwgfx
CVSS 7.8
CVE-2022-48759 HIGH
Linux Kernel 4.11-5.16.5 - Use-After-Free in rpmsg_ctrldev Release
CVSS 7.0
CVE-2022-48754 HIGH
Linux Kernel 4.16-4.19.227, 4.20-5.4.175, 5.5-5.10.95, 5.11-5.15.18, 5.16-5.16.4 - Use-After-Free in phy_detach
CVSS 8.4
CVE-2022-48742 HIGH
Linux Kernel Use-After-Free in rtnetlink __rtnl_newlink
CVSS 7.8
CVE-2022-48735 HIGH
Linux Kernel 5.9-5.10.99, 5.11-5.15.22, 5.16-5.16.8 - Use-After-Free in HD-audio LED Class Device Handling
CVSS 7.8
CVE-2022-48733 HIGH
Linux Kernel < 5.10.226, 5.11.0-5.15.21, < 5.16.8 - Use-After-Free in Btrfs Snapshot Creation
CVSS 7.8
CVE-2022-48726 HIGH
Linux Kernel 5.10-5.10.98, 5.11-5.15.21, 5.16-5.16.7 - Use-After-Free in RDMA ucma Multicast Cleanup
CVSS 7.8
CVE-2022-43652 MEDIUM
Bentley View - Use After Free/Info Disclosure
CVSS 5.5
CVE-2022-43651 HIGH
Bentley View < 10.17.02.18 - Use-After-Free in SKP File Parser
CVSS 7.8
CVE-2022-48695 HIGH
Linux Kernel < 5.19.9 - Use-After-Free in SCSI mpt3sas Controller Reset
CVSS 7.8
CVE-2022-48697 MEDIUM
Linux Kernel Use-After-Free in NVMe Target Subsystem
CVSS 5.3
CVE-2022-48686 HIGH
Linux Kernel 5.0-5.3, 5.5-5.10.142, 5.11-5.15.67, 5.16-5.19.8 - Use-After-Free in NVMe-TCP Digest Error Handling
CVSS 7.8
Details
Vulnerabilities 7,566
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits