Double Free

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

CVEs (781)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-2519 2Debian Libtiff 2Debian Linux Libtiff Nov 21, 2024 Aug 31, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1
CVE-2020-27794 1Radare 1Radare2 Nov 21, 2024 Aug 19, 2022 N/A· v4 9.1 CRITICAL· v3 N/A· v2 A double free issue was discovered in radare2 in cmd_info.c:cmd_info(). Successful exploitation could lead to modification of unexpected memory locations and potentially causing a crash.
CVE-2022-23459 1Hjiang 1Json++ Oct 28, 2025 Aug 19, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx use of the Value class may lead to memory corruption via a double free or via a use after free. The value class has a de...Show more Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx use of the Value class may lead to memory corruption via a double free or via a use after free. The value class has a default assignment operator which may be used with pointer types which may point to alterable data where the pointer itself is not updated. This issue exists on the current commit of the jsonxx project. The project itself has been archived and updates are not expected. Users are advised to find a replacement.Show less
CVE-2022-31614 1Nvidia 1Virtual Gpu Nov 21, 2024 Aug 5, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) where it may double-free some resources. An attacker may exploit this vulnerability with other vulnerabilities to cause denial of ser...Show more NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) where it may double-free some resources. An attacker may exploit this vulnerability with other vulnerabilities to cause denial of service, code execution, and information disclosure.Show less
CVE-2022-2509 4Debian FedoraprojectGnu+1 more 4Debian Linux Enterprise LinuxFedora+1 more Dec 2, 2025 Aug 1, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.
CVE-2022-27864 1Autodesk 1Design Review Nov 21, 2024 Jul 29, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 A Double Free vulnerability allows remote attackers to execute arbitrary code through DesignReview.exe application on PDF files within affected installations. User interaction is required to exploit this vulnerability in...Show more A Double Free vulnerability allows remote attackers to execute arbitrary code through DesignReview.exe application on PDF files within affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.Show less
CVE-2022-36234 1Simplenetwork Project 1Simplenetwork Nov 21, 2024 Jul 28, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 SimpleNetwork TCP Server commit 29bc615f0d9910eb2f59aa8dff1f54f0e3af4496 was discovered to contain a double free vulnerability which is exploited via crafted TCP packets.
CVE-2022-2008 2Fedoraproject Google 2Chrome Fedora Nov 21, 2024 Jul 28, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Double free in WebGL in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2327 1Linux 1Linux Kernel Nov 21, 2024 Jul 22, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 io_uring use work_flags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORING_OP. Some operations are missing some types, which can...Show more io_uring use work_flags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORING_OP. Some operations are missing some types, which can lead to incorrect reference counts which can then lead to a double free. We recommend upgrading the kernel past commit df3f3bb5059d20ef094d6b2f0256c4bf4127a859Show less
CVE-2022-32962 1Hinet 1Hicos Natural Person Credential Component Client Nov 21, 2024 Jul 20, 2022 N/A· v4 6.8 MEDIUM· v3 N/A· v2 HiCOS’ client-side citizen certificate component has a double free vulnerability. An unauthenticated physical attacker can exploit this vulnerability to corrupt memory and execute arbitrary code, manipulate system data o...Show more HiCOS’ client-side citizen certificate component has a double free vulnerability. An unauthenticated physical attacker can exploit this vulnerability to corrupt memory and execute arbitrary code, manipulate system data or terminate service.Show less
CVE-2022-31117 2Fedoraproject Ultrajson Project 2Fedora Ultrajson Nov 21, 2024 Jul 5, 2022 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. In versions prior to 5.4.0 an error occurring while reallocating a buffer for string decoding can cause the buffer to get free...Show more UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. In versions prior to 5.4.0 an error occurring while reallocating a buffer for string decoding can cause the buffer to get freed twice. Due to how UltraJSON uses the internal decoder, this double free is impossible to trigger from Python. This issue has been resolved in version 5.4.0 and all users should upgrade to UltraJSON 5.4.0. There are no known workarounds for this issue.Show less
CVE-2021-41688 1Offis 1Dcmtk Nov 3, 2025 Jun 28, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 DCMTK through 3.6.6 does not handle memory free properly. The object in the program is free but its address is still used in other locations. Sending specific requests to the dcmqrdb program will incur a double free. An...Show more DCMTK through 3.6.6 does not handle memory free properly. The object in the program is free but its address is still used in other locations. Sending specific requests to the dcmqrdb program will incur a double free. An attacker can use it to launch a DoS attack.Show less
CVE-2022-34495 1Linux 1Linux Kernel Nov 21, 2024 Jun 26, 2022 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 rpmsg_probe in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free.
CVE-2022-34494 1Linux 1Linux Kernel Nov 21, 2024 Jun 26, 2022 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 rpmsg_virtio_add_ctrl_dev in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free.
CVE-2022-33033 1Gnu 1Libredwg Nov 21, 2024 Jun 23, 2022 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 LibreDWG v0.12.4.4608 was discovered to contain a double-free via the function dwg_read_file at dwg.c.
CVE-2022-31291 2Debian Genivi 2Debian Linux Diagnostic Log And Trace Nov 21, 2024 Jun 16, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue in dlt_config_file_parser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets.
CVE-2021-39806 1Google 1Android Nov 21, 2024 Jun 15, 2022 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In closef of label_backends_android.c, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege during startup of servicemanager, if an attacker can trigger an init...Show more In closef of label_backends_android.c, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege during startup of servicemanager, if an attacker can trigger an initialization failure, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-215387420Show less
CVE-2022-20127 1Google 1Android Nov 21, 2024 Jun 15, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 In ce_t4t_data_cback of ce_t4t.cc, there is a possible out of bounds write due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...Show more In ce_t4t_data_cback of ce_t4t.cc, there is a possible out of bounds write due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-221862119Show less
CVE-2022-22103 1Qualcomm 2Sa8540p Firmware Sa9000p Firmware Nov 21, 2024 Jun 14, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Memory corruption in multimedia driver due to double free while processing data from user in Snapdragon Auto
CVE-2022-22086 1Qualcomm 140Apq8009w Firmware Apq8017 FirmwareApq8053 Firmware+137 more Nov 21, 2024 Jun 14, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Memory corruption in video due to double free while parsing 3gp clip with invalid meta data atoms in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapd...Show more Memory corruption in video due to double free while parsing 3gp clip with invalid meta data atoms in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon WearablesShow less

Previous 1...202122...40 Next