Double Free

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

CVEs (781)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-4389 1Linux 1Linux Kernel Nov 21, 2024 Aug 16, 2023 N/A· v4 7.1 HIGH· v3 N/A· v2 A flaw was found in btrfs_get_root_ref in fs/btrfs/disk-io.c in the btrfs filesystem in the Linux Kernel due to a double decrement of the reference count. This issue may allow a local attacker with user privilege to cras...Show more A flaw was found in btrfs_get_root_ref in fs/btrfs/disk-io.c in the btrfs filesystem in the Linux Kernel due to a double decrement of the reference count. This issue may allow a local attacker with user privilege to crash the system or may lead to leaked internal kernel information.Show less
CVE-2023-39975 1Mit 1Kerberos 5 Feb 25, 2026 Aug 16, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket t...Show more kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another.Show less
CVE-2023-35371 1Microsoft 4365 Apps OfficeOffice Long Term Servicing Channel+1 more Nov 21, 2024 Aug 8, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Microsoft Office Remote Code Execution Vulnerability
CVE-2023-33952 2Linux Redhat 4Enterprise Linux Enterprise Linux For Real TimeEnterprise Linux For Real Time For Nfv+1 more Nov 21, 2024 Jul 24, 2023 N/A· v4 6.7 MEDIUM· v3 N/A· v2 A double-free vulnerability was found in handling vmw_buffer_object objects in the vmwgfx driver in the Linux kernel. This issue occurs due to the lack of validating the existence of an object prior to performing further...Show more A double-free vulnerability was found in handling vmw_buffer_object objects in the vmwgfx driver in the Linux kernel. This issue occurs due to the lack of validating the existence of an object prior to performing further free operations on the object, which may allow a local privileged user to escalate privileges and execute code in the context of the kernel.Show less
CVE-2023-38434 1Xhttp Project 1Xhttp Nov 21, 2024 Jul 18, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 xHTTP 72f812d has a double free in close_connection in xhttp.c via a malformed HTTP request method.
CVE-2023-33161 1Microsoft 3365 Apps OfficeOffice Long Term Servicing Channel May 19, 2026 Jul 11, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-21629 1Qualcomm 207205 Firmware 215 Firmware315 5g Firmware+204 more Aug 11, 2025 Jul 4, 2023 N/A· v4 6.8 MEDIUM· v3 N/A· v2 Memory Corruption in Modem due to double free while parsing the PKCS15 sim files.
CVE-2023-37365 1Hnswlib Project 1Hnswlib Nov 21, 2024 Jun 30, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Hnswlib 0.7.0 has a double free in init_index when the M argument is a large integer.
CVE-2023-1999 1Webmproject 1Libwebp Feb 13, 2025 Jun 20, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because...Show more There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.Show less
CVE-2023-3312 1Linux 1Linux Kernel Apr 23, 2025 Jun 19, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 A vulnerability was found in drivers/cpufreq/qcom-cpufreq-hw.c in cpufreq subsystem in the Linux Kernel. This flaw, during device unbind will lead to double release problem leading to denial of service.
CVE-2023-35784 1Openbsd 2Libressl Openbsd Nov 21, 2024 Jun 16, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A double free or use after free could occur after SSL_clear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3. NOTE: OpenSSL is not affected.
CVE-2023-33137 1Microsoft 2Office Office Online Server Nov 21, 2024 Jun 14, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-29368 1Microsoft 12Windows 10 1507 Windows 10 1607Windows 10 1809+9 more Apr 8, 2025 Jun 14, 2023 N/A· v4 7.0 HIGH· v3 N/A· v2 Windows Filtering Platform Elevation of Privilege Vulnerability
CVE-2023-29366 1Microsoft 5Windows 10 21h2 Windows 10 22h2Windows 11 21h2+2 more Nov 21, 2024 Jun 14, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Geolocation Service Remote Code Execution Vulnerability
CVE-2022-40522 1Qualcomm 54Csr8811 Firmware Ipq6000 FirmwareIpq6005 Firmware+51 more Nov 21, 2024 Jun 6, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption in Linux Networking due to double free while handling a hyp-assign.
CVE-2022-40507 1Qualcomm 242315 5g Iot Modem Firmware 9205 Lte Modem Firmware9206 Lte Modem Firmware+239 more Nov 21, 2024 Jun 6, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption due to double free in Core while mapping HLOS address to the list.
CVE-2022-33307 1Qualcomm 110Aqt1000 Firmware Qam8255p FirmwareQam8295p Firmware+107 more Nov 21, 2024 Jun 6, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed.
CVE-2022-33227 1Qualcomm 71Aqt1000 Firmware Csrb31024 FirmwareQam8255p Firmware+68 more Nov 21, 2024 Jun 6, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption in Linux android due to double free while calling unregister provider after register call.
CVE-2023-21106 1Google 1Android Jan 24, 2025 May 15, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 In adreno_set_param of adreno_gpu.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not ne...Show more In adreno_set_param of adreno_gpu.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-265016072References: Upstream kernelShow less
CVE-2023-28411 1Intel 10Server System D50tnp1mhcpac Firmware Server System D50tnp1mhcrac FirmwareServer System D50tnp1mhcrlc Firmware+7 more Nov 21, 2024 May 10, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Double free in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access.

Previous 1...171819...40 Next