Vulnerabilities > Use After Free
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-11 | CVE-2024-45013 | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: nvme: move stopping keep-alive into nvme_uninit_ctrl() Commit 4733b65d82bd ("nvme: start keep-alive after admin queue setup") moves starting keep-alive from nvme_start_ctrl() into nvme_init_ctrl_finish(), but don't move stopping keep-alive into nvme_uninit_ctrl(), so keep-alive work can be started and keep pending after failing to start controller, finally use-after-free is triggered if nvme host driver is unloaded. This patch fixes kernel panic when running nvme/004 in case that connection failure is triggered, by moving stopping keep-alive into nvme_uninit_ctrl(). This way is reasonable because keep-alive is now started in nvme_init_ctrl_finish(). | 5.5 |
| 2024-09-11 | CVE-2024-45016 | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqueue() introduced by commit 5845f706388a ("net: netem: fix skb length BUG_ON in __skb_to_sgvec") that can lead to a use-after-free. This commit made netem_enqueue() always return NET_XMIT_SUCCESS when a packet is duplicated, which can cause the parent qdisc's q.qlen to be mistakenly incremented. | 5.5 |
| 2024-09-11 | CVE-2024-8637 | Use After Free vulnerability in Google Chrome Use after free in Media Router in Google Chrome on Android prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2024-09-11 | CVE-2024-8639 | Use After Free vulnerability in Google Chrome Use after free in Autofill in Google Chrome on Android prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2024-09-11 | CVE-2024-23716 | Use After Free vulnerability in Google Android In DevmemIntPFNotify of devicemem_server.c, there is a possible use-after-free due to a race condition. | 7.0 |
| 2024-09-10 | CVE-2024-31960 | Use After Free vulnerability in Samsung Exynos 1480 Firmware and Exynos 2400 Firmware An issue was discovered in Samsung Mobile Processor Exynos 1480, Exynos 2400. | 7.8 |
| 2024-09-06 | CVE-2024-8394 | Use After Free vulnerability in Mozilla Thunderbird When aborting the verification of an OTR chat session, an attacker could have caused a use-after-free bug leading to a potentially exploitable crash. | 6.5 |
| 2024-09-05 | CVE-2024-45107 | Use After Free vulnerability in Adobe products Acrobat Reader versions 20.005.30636, 24.002.20964, 24.001.30123, 24.002.20991 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
| 2024-09-05 | CVE-2024-43102 | Use After Free vulnerability in Freebsd Concurrent removals of certain anonymous shared memory mappings by using the UMTX_SHM_DESTROY sub-request of UMTX_OP_SHM can lead to decreasing the reference count of the object representing the mapping too many times, causing it to be freed too early. A malicious code exercizing the UMTX_SHM_DESTROY sub-request in parallel can panic the kernel or enable further Use-After-Free attacks, potentially including code execution or Capsicum sandbox escape. | 10.0 |
| 2024-09-05 | CVE-2024-45063 | Use After Free vulnerability in Freebsd The function ctl_write_buffer incorrectly set a flag which resulted in a kernel Use-After-Free when a command finished processing. Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. | 8.8 |