CWE-825
Expired Pointer Dereference
Description
The product dereferences a pointer that contains a location for memory that was previously valid, but is no longer valid.
When a product releases memory, but it maintains a pointer to that memory, then the memory might be re-allocated at a later time. If the original pointer is accessed to read or write data, then this could cause the product to read or modify data that is in use by a different function or process. Depending on how the newly-allocated memory is used, this could lead to a denial of service, information exposure, or code execution.
Parent Weaknesses (ChildOf)
Related Weaknesses
Common Consequences
Scope
Impact
Read Memory
Scope
Impact
DoS: Crash, Exit, or Restart
Scope
Impact
Execute Unauthorized Code or Commands
Potential Mitigations
Choose a language that provides automatic memory management.
When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.
CVE-2023-26463Chain: IPSec VPN product uses the same variable for multiple purposes in the same function (CWE-1109), leading to incorrect access control (CWE-284) and expired pointer dereference (CWE-825)
CVE-2008-5013access of expired memory address leads to arbitrary code execution
CVE-2010-3257stale pointer issue leads to denial of service and possibly other consequences
CVE-2008-0062Chain: a message having an unknown message type may cause a reference to uninitialized memory resulting in a null pointer dereference (CWE-476) or dangling pointer (CWE-825), possibly crashing the system or causing heap corruption.
CVE-2007-1211read of value at an offset into a structure after the offset is no longer valid
Applicable Platforms
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now