Double Free

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

CVEs (781)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-11246 1Qualcomm 317Apq8017 Firmware Apq8037 FirmwareApq8053 Firmware+314 more Nov 21, 2024 Apr 7, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A double free condition can occur when the device moves to suspend mode during secure playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdrag...Show more A double free condition can occur when the device moves to suspend mode during secure playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon MobileShow less
CVE-2020-11231 1Qualcomm 215Apq8017 Firmware Apq8053 FirmwareAqt1000 Firmware+212 more Nov 21, 2024 Apr 7, 2021 N/A· v4 6.7 MEDIUM· v3 4.6 MEDIUM· v2 Two threads call one or both functions concurrently leading to corruption of pointers and reference counters which in turn can lead to heap corruption in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer I...Show more Two threads call one or both functions concurrently leading to corruption of pointers and reference counters which in turn can lead to heap corruption in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon MobileShow less
CVE-2021-29940 1Through Project 1Through Nov 21, 2024 Apr 1, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in the through crate through 2021-02-18 for Rust. There is a double free (in through and through_and) upon a panic of the map function.
CVE-2021-29938 1Slice Deque Project 1Slice Deque Nov 21, 2024 Apr 1, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in the slice-deque crate through 2021-02-19 for Rust. A double drop can occur in SliceDeque::drain_filter upon a panic in a predicate function.
CVE-2021-29933 1Insert Many Project 1Insert Many Nov 21, 2024 Apr 1, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in the insert_many crate through 2021-01-26 for Rust. Elements may be dropped twice if a .next() method panics.
CVE-2021-29931 1Arenavec Project 1Arenavec Nov 21, 2024 Apr 1, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in the arenavec crate through 2021-01-12 for Rust. A double drop can sometimes occur upon a panic in T::drop().
CVE-2021-29929 1Endian Trait Project 1Endian Trait Nov 21, 2024 Apr 1, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in the endian_trait crate through 2021-01-04 for Rust. A double drop can occur when a user-provided Endian impl panics.
CVE-2021-0397 1Google 1Android Nov 21, 2024 Mar 10, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In sdp_copy_raw_data of sdp_discovery.cc, there is a possible system compromise due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not neede...Show more In sdp_copy_raw_data of sdp_discovery.cc, there is a possible system compromise due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174052148Show less
CVE-2021-0392 1Google 1Android Nov 21, 2024 Mar 10, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In main of main.cpp, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Pro...Show more In main of main.cpp, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-175124730Show less
CVE-2021-28041 4Fedoraproject NetappOpenbsd+1 more 9Cloud Backup Communications Offline Mediation ControllerFedora+6 more Nov 21, 2024 Mar 5, 2021 N/A· v4 7.1 HIGH· v3 4.6 MEDIUM· v2 ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-...Show more ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.Show less
CVE-2021-28034 1Stack Dst Project 1Stack Dst Nov 21, 2024 Mar 5, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in the stack_dst crate before 0.6.1 for Rust. Because of the push_inner behavior, a double free can occur upon a val.clone() panic.
CVE-2021-28031 1Scratchpad Project 1Scratchpad Nov 21, 2024 Mar 5, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in the scratchpad crate before 1.3.1 for Rust. The move_elements function can have a double-free upon a panic in a user-provided f function.
CVE-2021-28028 1Toodee Project 1Toodee Nov 21, 2024 Mar 5, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in the toodee crate before 0.3.0 for Rust. Row insertion can cause a double free upon an iterator panic.
CVE-2021-3403 3Fedoraproject RedhatYtnef Project 3Enterprise Linux FedoraYtnef Nov 21, 2024 Mar 4, 2021 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a double free which can be triggered via a crafted file.
CVE-2021-27645 3Debian FedoraprojectGnu 3Debian Linux FedoraGlibc Jun 9, 2025 Feb 24, 2021 N/A· v4 2.5 LOW· v3 1.9 LOW· v2 The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service o...Show more The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.Show less
CVE-2021-3407 3Artifex DebianFedoraproject 3Debian Linux FedoraMupdf Nov 21, 2024 Feb 23, 2021 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 A flaw was found in mupdf 1.18.0. Double free of object during linearization may lead to memory corruption and other potential consequences.
CVE-2019-19005 2Autotrace Project Fedoraproject 2Autotrace Fedora Nov 21, 2024 Feb 11, 2021 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182.
CVE-2021-26954 1Qwutils Project 1Qwutils Nov 21, 2024 Feb 9, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 An issue was discovered in the qwutils crate before 0.3.1 for Rust. When a Clone panic occurs, insert_slice_clone can perform a double drop.
CVE-2021-22303 1Huawei 1Taurus Al00a Firmware Nov 21, 2024 Feb 6, 2021 N/A· v4 3.3 LOW· v3 4.3 MEDIUM· v2 There is a pointer double free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). There is a lack of muti-thread protection when a function is called. Attackers can exploit this vulnerability by performing malicious oper...Show more There is a pointer double free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). There is a lack of muti-thread protection when a function is called. Attackers can exploit this vulnerability by performing malicious operation to cause pointer double free. This may lead to module crash, compromising normal service.Show less
CVE-2021-25908 1Fil Ocl Project 1Fil Ocl Nov 21, 2024 Jan 26, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in the fil-ocl crate through 2021-01-04 for Rust. From<EventList> can lead to a double free.

Previous 1...252627...40 Next