In the CVEs referenced in the report, the only use-after-free occurs inside of SQLITE\_DEBUG code. It is a read only, not a write. It's whole purpose is to trigger an alert on valgrind or ASAN to show us where we neglected to clean up a data structure in the ALTER TABLE operation. It only occurs on debug builds, and is harmless even then. The only uninitialized pointer dereferences are all read operations as well, so there is no mechanisms available to subvert data elsewhere in the system.