Release of Invalid Pointer or Reference
Exim before 4.96-RC0 has an Invalid Free in "pam_converse" in "auths/call_pam.c" because "store_free" is not used after "store_malloc". NOTE: The affected package is not available in a package manager we support.
CWE-763 - Release of Invalid Pointer or Reference
The application attempts to return a memory resource to the system, but calls the wrong release function or calls the appropriate release function incorrectly.