In function msm_pcm_playback_close() in all Android releases from CAF using the Linux kernel, prtd is assigned substream->runtime->private_data. Later, prtd is freed. However, prtd is not sanitized and set to NULL, resulting in a dangling pointer. There are other functions that access the same memory (substream->runtime->private_data) with a NULL check, such as msm_pcm_volume_ctl_put(), which means this freed memory could be used.
In RGXCreateHWRTData_aux of rgxta3d.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.
Memory corruption when memory mapped in a VBO is not unmapped by the GPU SMMU.
Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally.
Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
Memory corruption in Kernel while handling GPU operations.
Memory corruption when IOMMU unmap of a GPU buffer fails in Linux.
Memory corruption while processing user packets to generate page faults.
Windows Graphics Component Elevation of Privilege Vulnerability
Use after free vulnerability in mtp_send_signal function of MTP driver prior to SMR Sep-2022 Release 1 allows attackers to perform malicious actions.
A use after free vulnerability in iva_ctl driver prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
Memory corruption when there is failed unmap operation in GPU.
A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.
Microsoft DWM Core Library Elevation of Privilege Vulnerability
Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.
Windows Subsystem for Linux Elevation of Privilege Vulnerability
Windows Graphics Component Elevation of Privilege Vulnerability
Use after free vulnerability in sdp_mm_set_process_sensitive function of sdpmm driver prior to SMR Sep-2022 Release 1 allows attackers to perform malicious actions.
Win32k Elevation of Privilege Vulnerability
Win32k Elevation of Privilege Vulnerability
Memory corruption while handling session errors from firmware.
Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
Memory corruption while handling different IOCTL calls from the user-space simultaneously.
Memory Corruption while invoking IOCTL calls when concurrent access to shared buffer occurs.
Memory Corruption when multiple threads simultaneously access a memory free API.
Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory.
Memory corruption while handling concurrent memory mapping and unmapping requests from a user-space application.
Memory corruption while processing graphics kernel driver request to create DMA fence.
Windows Defender Credential Guard Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
Memory corruption while handling repeated memory unmap requests from guest VM.
Memory corruption in WLAN due to use after free
In DevmemXIntMapPages of devicemem_server.c, there is a possible use-after-free due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.
A “use after free” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to use a resource that was already used. If exploited, a threat actor could leverage this vulnerability to execute arbitrary code. To exploit this vulnerability, a legitimate user must execute the malicious code crafted by the threat actor.
Memory corruption due to use after free in Modem while modem initialization.
Memory corruption in Qualcomm IPC due to use after free while receiving the incoming packet and reposting it.
Memory corruption due to use after free in Core when multiple DCI clients register and deregister.
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1381.
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1382.
Memory corruption due to use after free in trusted application environment.
in OpenHarmony v4.1.1 and prior versions allow a local attacker cause the common permission is upgraded to root through use after free.
Memory corruption while handling IOCTL calls to set mode.
Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.
Dell Digital Delivery, versions prior to 5.2.0.0, contain a Use After Free Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to application crash or execution of arbitrary code.
An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to confidentiality, integrity as well as system availability.