CVE-2024-47899
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.
CVE-2024-47898
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.
CVE-2024-47891
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.
CVE-2025-0762
Use after free in DevTools in Google Chrome prior to 132.0.6834.159 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium)
CVE-2024-40670
In TBD of TBD, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-40669
In TBD of TBD, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-40651
In TBD of TBD, there is a possible use-after-free due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitati…
CVE-2024-40649
In TBD of TBD, there is a possible use-after-free due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitati…
CVE-2024-34748
In _DevmemXReservationPageAddress of devicemem_server.c, there is a possible use-after-free due to improper casting. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interac…
CVE-2024-0147
NVIDIA GPU display driver for Windows and Linux contains a vulnerability where referencing memory after it has been freed can lead to denial of service or data tampering.
CVE-2025-24085
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3, watchOS 11.3. A ma…
CVE-2024-54499
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing a maliciously crafted image may lead to arbitrary c…
CVE-2022-49043
xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free.
CVE-2025-21655
In the Linux kernel, the following vulnerability has been resolved:
io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period
io_eventfd_do_signal() is invoked from an RCU callback, but when
dropping the reference to the io_e…
CVE-2024-57926
In the Linux kernel, the following vulnerability has been resolved:
drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err
The pointer need to be set to NULL, otherwise KASAN complains about
use-after-free.…
CVE-2025-21652
In the Linux kernel, the following vulnerability has been resolved:
ipvlan: Fix use-after-free in ipvlan_get_iflink().
syzbot presented an use-after-free report [0] regarding ipvlan and
linkwatch.
ipvlan does not hold a refcnt of the low…
CVE-2025-21631
In the Linux kernel, the following vulnerability has been resolved:
block, bfq: fix waker_bfqq UAF after bfq_split_bfqq()
Our syzkaller report a following UAF for v6.6:
BUG: KASAN: slab-use-after-free in bfq_init_rq+0x175d/0x17a0 block/b…
CVE-2024-57900
In the Linux kernel, the following vulnerability has been resolved:
ila: serialize calls to nf_register_net_hooks()
syzbot found a race in ila_add_mapping() [1]
commit 031ae72825ce ("ila: call nf_unregister_net_hooks() sooner")
attempted…
CVE-2024-57896
In the Linux kernel, the following vulnerability has been resolved:
btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount
During the unmount path, at close_ctree(), we first stop the cleaner
kthread, using kth…
CVE-2024-57892
In the Linux kernel, the following vulnerability has been resolved:
ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv
When mounting ocfs2 and then remounting it as read-only, a
slab-use-after-free occurs after the user uses…