diff --git a/NEWS b/NEWS
index dfbdd981223..e5de8dbb32b 100644
--- a/NEWS
+++ b/NEWS
@@ -45,6 +45,7 @@ PHP                                                                        NEWS
   . Fixed ACL build check on MacOS. (David Carlier)
   . Fixed bug #72185: php-fpm writes empty fcgi record causing nginx 502.
     (Jakub Zelenka, loveharmful)
+  . Fixes use after free. (Heiko Weber).
 
 - Mysqlnd:
   . Fixed bug #81719: mysqlnd/pdo password buffer overflow. (CVE-2022-31626)
diff --git a/sapi/fpm/fpm/fpm_conf.c b/sapi/fpm/fpm/fpm_conf.c
index 42f75a475df..32935b57a75 100644
--- a/sapi/fpm/fpm/fpm_conf.c
+++ b/sapi/fpm/fpm/fpm_conf.c
@@ -766,8 +766,8 @@ static int fpm_evaluate_full_path(char **path, struct fpm_worker_pool_s *wp, cha
 			}
 
 			if (strlen(*path) > strlen("$prefix")) {
-				free(*path);
 				tmp = strdup((*path) + strlen("$prefix"));
+				free(*path);
 				*path = tmp;
 			} else {
 				free(*path);