CWE-416

High likelihood

Use After Free

Parent: CWE-825 - Expired Pointer Dereference

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

7,489 vulnerabilities with CWE-416
CVE-2025-37786 HIGH
Linux Kernel 5.5-6.14.4 - Use-After-Free in DSA Routing Table
CVSS 7.8
CVE-2025-37778 HIGH
Linux Kernel 5.15-6.1.134, 6.2-6.6.87, 6.7-6.12.24, 6.13-6.14.3 - Use-After-Free in ksmbd_krb5_authenticate
CVSS 7.8
CVE-2025-37777 HIGH
Linux Kernel 5.15-6.6.100, 6.7-6.12.25, 6.13-6.14.3 - Use-After-Free in ksmbd Connection Handling
CVSS 7.8
CVE-2025-37776 HIGH
Linux Kernel 5.15-6.6.87, 6.7-6.12.24, 6.13-6.14.3 - Use-After-Free in smb_break_all_levII_oplock
CVSS 7.0
CVE-2025-37765 MEDIUM
Linux Kernel - Use-After-Free in Nouveau DRM Prime GEM Object Handling
CVSS 5.5
CVE-2025-37763 HIGH
Linux Kernel 6.8-6.12.24, 6.13.0-6.14.3, 6.15 - Use-After-Free in DRM Imagination Job Handling
CVSS 7.8
CVE-2025-37750 HIGH
Linux Kernel 5.10.237-5.11, 6.12.0-6.12.24, 6.13.0-6.13.12, 6.14.0-6.14.3 - Use-After-Free in SMB Client
CVSS 7.8
CVE-2025-37738 HIGH
Linux Kernel - Use-After-Free in ext4_xattr_inode_dec_ref_all
CVSS 7.8
CVE-2025-23142 HIGH
Linux Kernel - Use-After-Free in SCTP Transport Handling
CVSS 7.8
CVE-2025-30194 HIGH
DNSdist 1.9.0-1.9.8 - Denial of Service via DoH nghttp2 Provider
CVSS 7.5
CVE-2025-31197 MEDIUM
iPadOS < 17.7.6 - Use-After-Free
CVSS 5.7
CVE-2025-24252 HIGH
iPadOS < 17.7.6 - Use-After-Free
CVSS 8.8
CVE-2025-1048 HIGH
Sonos Era 300 Speaker - Use After Free
CVSS 8.8
CVE-2025-1046 HIGH
Luxion KeyShot - Use After Free RCE
CVSS 7.8
CVE-2025-37838 HIGH
Linux Kernel - Use-After-Free in HSI ssi_protocol Driver via Race Condition
CVSS 7.8
CVE-2025-1290 HIGH
ChromeOS Kernel 5.4 - Use-After-Free in virtio_transport_space_update
CVSS 8.1
CVE-2025-1704 MEDIUM
Google ChromeOS 15823.23.0 - Use-After-Free in ComponentInstaller
CVSS 6.5
CVE-2025-3620 HIGH
Google Chrome < 135.0.7049.95 - Use-After-Free in USB via Crafted HTML Page
CVSS 8.8
CVE-2025-22126 HIGH
Linux Kernel 6.0-6.1.134, 6.2-6.6.87, 6.7-6.12.24, 6.13-6.14.1 - Use-After-Free in MD Device List Iteration
CVSS 7.8
CVE-2025-22097 HIGH
Linux Kernel 5.12-6.14.2 - Use-After-Free in vkms Driver Initialization
CVSS 7.8
CVE-2025-22088 HIGH
Linux Kernel 6.0-6.1.133, 6.2-6.6.86, 6.7-6.12.22, 6.13-6.13.10, 6.14-6.14.1 - Use-After-Free in erdma_accept_newconn
CVSS 7.8
CVE-2025-22085 HIGH
Linux Kernel 6.12-6.12.22, 6.13-6.13.10, 6.14-6.14.1 - Use-After-Free in RDMA Device Name Rename
CVSS 7.8
CVE-2025-22083 HIGH
Linux Kernel - Use-After-Free in vhost-scsi Endpoint Handling
CVSS 7.8
CVE-2025-22068 HIGH
Linux Kernel 6.7-6.12.22, 6.13.0-6.13.10, 6.14.0-6.14.1 - Use-After-Free in ublk Queue Freeze Handling
CVSS 7.8
CVE-2025-22041 HIGH
Linux Kernel - Use-After-Free in ksmbd_sessions_deregister
CVSS 8.8
Details
Vulnerabilities 7,489
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits