CWE-416 - Use After Free

Description: The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

Common Consequences: Scope: Integrity
Impact: Modify Memory
Notes: The use of previously freed memory may corrupt valid data, if the memory area in question has been allocated and used properly elsewhere.
Scope: Availability
Impact: DoS: Crash, Exit, or Restart
Notes: If chunk consolidation occurs after the use of previously freed data, the process may crash when invalid data is used as chunk information.
Scope: Integrity, Confidentiality, Availability
Impact: Execute Unauthorized Code or Commands
Notes: If malicious data is entered before chunk consolidation can take place, it may be possible to take advantage of a write-what-where primitive to execute arbitrary code. If the newly allocated data happens to hold a class, in C++ for example, various function pointers may be scattered within the heap data. If one of these function pointers is overwritten with an address to valid shellcode, execution of arbitrary code can be achieved.

CWE-416 High