diff --git a/src/cmd/ksh93/include/argnod.h b/src/cmd/ksh93/include/argnod.h
index 6c160688c..636e473ba 100644
--- a/src/cmd/ksh93/include/argnod.h
+++ b/src/cmd/ksh93/include/argnod.h
@@ -53,7 +53,7 @@ struct comnod
 #define COMSCAN		(01<<COMBITS)
 #define COMFIXED	(02<<COMBITS)
 
-struct slnod 	/* struct for link list of stacks */
+struct slnod 	/* struct for linked list of stacks */
 {
 	struct slnod	*slnext;
 	struct slnod	*slchild;
diff --git a/src/cmd/ksh93/include/version.h b/src/cmd/ksh93/include/version.h
index 48c678993..d102799c0 100644
--- a/src/cmd/ksh93/include/version.h
+++ b/src/cmd/ksh93/include/version.h
@@ -18,7 +18,7 @@
 
 #define SH_RELEASE_FORK	"93u+m"		/* only change if you develop a new ksh93 fork */
 #define SH_RELEASE_SVER	"1.0.3-alpha"	/* semantic version number: https://semver.org */
-#define SH_RELEASE_DATE	"2022-08-18"	/* must be in this format for $((.sh.version)) */
+#define SH_RELEASE_DATE	"2022-08-19"	/* must be in this format for $((.sh.version)) */
 #define SH_RELEASE_CPYR	"(c) 2020-2022 Contributors to ksh " SH_RELEASE_FORK
 
 /* Scripts sometimes field-split ${.sh.version}, so don't change amount of whitespace. */
diff --git a/src/cmd/ksh93/sh/parse.c b/src/cmd/ksh93/sh/parse.c
index 3d5451701..070bd2df1 100644
--- a/src/cmd/ksh93/sh/parse.c
+++ b/src/cmd/ksh93/sh/parse.c
@@ -528,8 +528,16 @@ void sh_funstaks(register struct slnod *slp,int flag)
 		{
 			if(flag<=0)
 			{
-				stakdelete(slpold->slptr);
+				/*
+				 * Since we're dealing with a linked list of stacks, slpold may be inside the allocated region
+				 * pointed to by slpold->slptr, meaning the stakdelete() call may invalidate slpold as well as
+				 * slpold->slptr. So if we do 'stakdelete(slpold->slptr); slpold->slptr = NIL(Stak_t*)' as may
+				 * seem obvious, the assignment may be a use-after-free of slpold. Therefore, save the pointer
+				 * value and reset the pointer before closing/freeing the stack.
+				 */
+				Stak_t *sp = slpold->slptr;
 				slpold->slptr = NIL(Stak_t*);
+				stakdelete(sp);
 			}
 			else
 				staklink(slpold->slptr);