Double Free

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

CVEs (781)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-34184 1Mackron 1Miniaudio Aug 26, 2025 Jun 25, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Miniaudio 0.10.35 has a Double free vulnerability that could cause a buffer overflow in ma_default_vfs_close__stdio in miniaudio.h.
CVE-2021-0528 1Google 1Android Nov 21, 2024 Jun 21, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In memory management driver, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...Show more In memory management driver, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-185195266Show less
CVE-2021-0498 1Google 1Android Nov 21, 2024 Jun 11, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 In memory management driver, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...Show more In memory management driver, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-183461321Show less
CVE-2021-3564 3Debian FedoraprojectLinux 3Debian Linux FedoraLinux Kernel Nov 21, 2024 Jun 8, 2021 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This...Show more A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13.Show less
CVE-2021-30535 2Fedoraproject Google 2Chrome Fedora Nov 21, 2024 Jun 7, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Double free in ICU in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-32613 2Fedoraproject Radare 2Fedora Radare2 Nov 21, 2024 May 14, 2021 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS.
CVE-2020-14354 2C Ares Fedoraproject 2C Ares Fedora Nov 21, 2024 May 13, 2021 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 A possible use-after-free and double-free in c-ares lib version 1.16.0 if ares_destroy() is called prior to ares_getaddrinfo() completing. This flaw possibly allows an attacker to crash the service that uses c-ares lib....Show more A possible use-after-free and double-free in c-ares lib version 1.16.0 if ares_destroy() is called prior to ares_getaddrinfo() completing. This flaw possibly allows an attacker to crash the service that uses c-ares lib. The highest threat from this vulnerability is to this service availability.Show less
CVE-2021-31449 1Foxitsoftware 2Foxit Reader Phantompdf Nov 21, 2024 May 7, 2021 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a mali...Show more This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue results from the lack of validating the existence of an object prior to performing further free operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13280.Show less
CVE-2021-1910 1Qualcomm 373Apq8009 Firmware Apq8009w FirmwareApq8017 Firmware+370 more Nov 21, 2024 May 7, 2021 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Double free in video due to lack of input buffer length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Mus...Show more Double free in video due to lack of input buffer length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon WearablesShow less
CVE-2021-31996 1Algorithmica Project 1Algorithmica Nov 21, 2024 May 3, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in the algorithmica crate through 2021-03-07 for Rust. There is a double free in merge_sort::merge().
CVE-2021-22332 1Huawei 4Cloudengine 12800 Firmware Cloudengine 5800 FirmwareCloudengine 6800 Firmware+1 more Nov 21, 2024 Apr 28, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 There is a pointer double free vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. When a function is called, the same memory pointer is copied to two functional...Show more There is a pointer double free vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. When a function is called, the same memory pointer is copied to two functional modules. Attackers can exploit this vulnerability by performing a malicious operation to cause the pointer double free. This may lead to module crash, compromising normal service.Show less
CVE-2021-0271 1Juniper 1Junos Nov 21, 2024 Apr 22, 2021 N/A· v4 6.5 MEDIUM· v3 3.3 LOW· v2 A Double Free vulnerability in the software forwarding interface daemon (sfid) process of Juniper Networks Junos OS allows an adjacently-connected attacker to cause a Denial of Service (DoS) by sending a crafted ARP pack...Show more A Double Free vulnerability in the software forwarding interface daemon (sfid) process of Juniper Networks Junos OS allows an adjacently-connected attacker to cause a Denial of Service (DoS) by sending a crafted ARP packet to the device. Continued receipt and processing of the crafted ARP packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS on EX2200-C Series, EX3200 Series, EX3300 Series, EX4200 Series, EX4500 Series, EX4550 Series, EX6210 Series, EX8208 Series, EX8216 Series. 12.3 versions prior to 12.3R12-S17; 15.1 versions prior to 15.1R7-S8. This issue only affects the listed Marvell-chipset based EX Series devices. No other products or platforms are affected.Show less
CVE-2021-3492 1Canonical 1Ubuntu Linux Nov 21, 2024 Apr 17, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. These could lead to either a double-free situation or memory not...Show more Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service (kernel memory exhaustion) or gain privileges via executing arbitrary code. AKA ZDI-CAN-13562.Show less
CVE-2021-31162 2Fedoraproject Rust Lang 2Fedora Rust Nov 21, 2024 Apr 14, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In the standard library in Rust before 1.52.0, a double free can occur in the Vec::from_iter function if freeing the element panics.
CVE-2021-0437 1Google 1Android Nov 21, 2024 Apr 13, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In setPlayPolicy of DrmPlugin.cpp, there is a possible double free. This could lead to local escalation of privilege in a privileged process with no additional execution privileges needed. User interaction is not needed...Show more In setPlayPolicy of DrmPlugin.cpp, there is a possible double free. This could lead to local escalation of privilege in a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-176168330Show less
CVE-2020-36318 1Rust Lang 1Rust Nov 21, 2024 Apr 11, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In the standard library in Rust before 1.49.0, VecDeque::make_contiguous has a bug that pops the same element more than once under certain condition. This bug could result in a use-after-free or double free.
CVE-2021-30457 1Id Map Project 1Id Map Nov 21, 2024 Apr 7, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in the id-map crate through 2021-02-26 for Rust. A double free can occur in remove_set upon a panic in a Drop impl.
CVE-2021-30456 1Id Map Project 1Id Map Nov 21, 2024 Apr 7, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in the id-map crate through 2021-02-26 for Rust. A double free can occur in get_or_insert upon a panic of a user-provided f function.
CVE-2021-30455 1Id Map Project 1Id Map Nov 21, 2024 Apr 7, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in the id-map crate through 2021-02-26 for Rust. A double free can occur in IdMap::clone_from upon a .clone panic.
CVE-2021-29627 1Freebsd 1Freebsd Nov 21, 2024 Apr 7, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 In FreeBSD 13.0-STABLE before n245050, 12.2-STABLE before r369525, 13.0-RC4 before p0, and 12.2-RELEASE before p6, listening socket accept filters implementing the accf_create callback incorrectly freed a process supplie...Show more In FreeBSD 13.0-STABLE before n245050, 12.2-STABLE before r369525, 13.0-RC4 before p0, and 12.2-RELEASE before p6, listening socket accept filters implementing the accf_create callback incorrectly freed a process supplied argument string. Additional operations on the socket can lead to a double free or use after free.Show less

Previous 1...242526...40 Next