DerScanner
Home / Vulnerability Database / Objective-C : Use after free
Objective-C

Objective-C : Use after free

Classification

OWASP Mobile Top 10 2016
M7-Poor Code Quality
OWASP MASVS
V7: 7.8.(L1/L2/L1+R/L2+R)
CWE
CWE-416
CWE/SANS Top 25 2021
CWE-416

Overview

The application is trying to use the freed memory. This may lead to incorrect behavior of the application.

The use of previously-freed memory can have any number of adverse consequences, ranging from the corruption of valid data to the execution of arbitrary code. The simplest way data corruption may occur involves the system’s reuse of the freed memory. Use-after-free errors have two common causes:

  • Error conditions and other exceptional circumstances.
  • Confusion over which part of the program is responsible for freeing the memory.

References

  1. What happens when you try to free() already freed memory in c? - stackoverflow.com
  2. CWE-416: Use After Free
  3. Mobile Top 10 2016-M7-Poor Code Quality
MEDIUM

DerScanner Severity Score

Do you want to fix Objective-C : Use after free in your application?

See also

Objective-C

Objective-C : Internal information leak

Objective-C

Objective-C : Weak hashing algorithm

Objective-C

Objective-C : Unsafe reflection