CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,660 vulnerabilities with CWE-416
CVE-2021-39812 HIGH
Android - Use-After-Free in TBD
CVSS 7.8
CVE-2021-39803 MEDIUM
Android - Use-After-Free in C2AllocatorIon.cpp
CVSS 6.5
CVE-2021-39801 HIGH
Android - Use-After-Free in ion_ioctl
CVSS 7.8
CVE-2021-39800 MEDIUM
Android - Use-After-Free in ion_ioctl
CVSS 5.5
CVE-2021-0707 HIGH
Android - Use-After-Free in dma_buf_release
CVSS 7.8
CVE-2021-41715 HIGH
libsixel 1.10.0 - Use-After-Free in Dither Function
CVSS 8.8
CVE-2021-35115 HIGH
Snapdragon Auto/Snapdragon Mobile - Use After Free
CVSS 8.4
CVE-2021-39776 HIGH
Android 12L - Use-After-Free in NFC
CVSS 7.8
CVE-2021-4203 MEDIUM
Linux Kernel - Use After Free
CVSS 6.8
CVE-2021-4202 HIGH
Linux kernel - Privilege Escalation
CVSS 7.0
CVE-2021-4150 MEDIUM
Linux Kernel < 5.15 - Use-After-Free in add_partition
CVSS 5.5
CVE-2021-3748 HIGH
QEMU 0.10.0-6.1.0 - Use-After-Free in virtio-net Descriptor Handling
CVSS 7.5
CVE-2021-45868 MEDIUM
Linux kernel <5.15.3 - Use After Free
CVSS 5.5
CVE-2021-39714 HIGH
Android - Use-After-Free via Integer Overflow in ion_buffer_kmap_get
CVSS 7.8
CVE-2021-39698 HIGH
Android - Use-After-Free in aio_poll_complete_work
CVSS 7.8
CVE-2021-44964 MEDIUM
Lua 5.4.0-5.4.3 - Use-After-Free in Garbage Collector
CVSS 6.3
CVE-2021-3640 HIGH
Linux Kernel < 4.4.293 - Use-After-Free in sco_sock_sendmsg
CVSS 7.0
CVE-2021-3738 HIGH
Samba 4.0.0-4.13.14 - Use-After-Free in DCE/RPC Association Groups
CVSS 8.8
CVE-2021-3715 HIGH
Linux kernel - Privilege Escalation
CVSS 7.8
CVE-2021-21708 HIGH
PHP 7.4.0-7.4.27 - Use-After-Free via FILTER_VALIDATE_FLOAT with Min/Max Limits
CVSS 8.2
CVE-2021-22478 MEDIUM
HarmonyOS < 2.0 - Use-After-Free in Module Interface
CVSS 5.5
CVE-2021-3700 MEDIUM
usbredir < 0.11.0 - Use-After-Free in usbredirparser_serialize()
CVSS 6.4
CVE-2021-43826 HIGH
Envoy < 1.18.6 - Use-After-Free in Upstream Tunneling
CVSS 7.5
CVE-2021-43825 MEDIUM
Envoy < 1.18.6 - Use-After-Free in Response Buffer Overflow Handling
CVSS 6.1
CVE-2021-46655 HIGH
Bentley Microstation and View < 10.16.02 - Remote Code Execution via JT File Parsing
CVSS 7.8
Details
Vulnerabilities 7,660
Exploit Likelihood High