2020

CVE-2020-1752 (v3: 7.8) 30 Apr 2020
A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.
CVE-2020-8945 (v3: 9.8) 12 Feb 2020
The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification.

2019

CVE-2019-20010 (v3: 8.8) 27 Dec 2019
An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c.
CVE-2019-16396 (v3: 7.8) 17 Sep 2019
GnuCOBOL 2.2 has a use-after-free in the end_scope_of_program_name() function in cobc/parser.y via crafted COBOL source code.
CVE-2019-16165 (v3: 6.5) 9 Sep 2019
GNU cflow through 1.6 has a use-after-free in the reference function in parser.c.

2018

CVE-2018-20623 (v3: 5.5) 31 Dec 2018
In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.

2017

CVE-2017-12133 (v3: 5.9) 7 Sep 2017
Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path.
CVE-2017-12448 (v3: 7.8) 4 Aug 2017
The bfd_cache_close function in bfd/cache.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file. This issue occurs because incorrect functions are called during an attempt to release memory. The issue can be addressed by better input validation in the bfd_generic_archive_p function in bfd/archive.c.
CVE-2017-6966 (v3: 5.5) 17 Mar 2017
readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations.

2016

CVE-2016-4487 (v3: 5.5) 24 Feb 2017
Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "btypevec."
CVE-2016-4488 (v3: 5.5) 24 Feb 2017
Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "ktypevec."
CVE-2016-9401 (v3: 5.5) 23 Jan 2017
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.

2015

CVE-2015-1606 (v3: 5.5) 20 Nov 2019
The keyring DB in GnuPG before 2.1.2 does not properly handle invalid packets, which allows remote attackers to cause a denial of service (invalid read and use-after-free) via a crafted keyring file.

2014

2013

2012

2011