CWE-415
AllowedDouble Free
Abstraction: Variant · Status: Draft
The product calls free() twice on the same memory address.
967 vulnerabilities reference this CWE, most recent first.
GHSA-CJQ9-CHQC-G9RX
Vulnerability from github – Published: 2024-11-12 21:30 – Updated: 2024-11-12 21:30Substance3D - Painter versions 10.1.0 and earlier are affected by a Double Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
{
"affected": [],
"aliases": [
"CVE-2024-47426"
],
"database_specific": {
"cwe_ids": [
"CWE-415"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-12T20:15:08Z",
"severity": "HIGH"
},
"details": "Substance3D - Painter versions 10.1.0 and earlier are affected by a Double Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
"id": "GHSA-cjq9-chqc-g9rx",
"modified": "2024-11-12T21:30:54Z",
"published": "2024-11-12T21:30:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47426"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb24-86.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CM86-4H8Q-3P8F
Vulnerability from github – Published: 2022-01-11 00:01 – Updated: 2022-01-14 00:02There is a Double free vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
{
"affected": [],
"aliases": [
"CVE-2021-40038"
],
"database_specific": {
"cwe_ids": [
"CWE-415"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-10T14:10:00Z",
"severity": "HIGH"
},
"details": "There is a Double free vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.",
"id": "GHSA-cm86-4h8q-3p8f",
"modified": "2022-01-14T00:02:44Z",
"published": "2022-01-11T00:01:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-40038"
},
{
"type": "WEB",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1"
},
{
"type": "WEB",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-CMRR-H89W-FC55
Vulnerability from github – Published: 2022-05-13 01:28 – Updated: 2022-05-13 01:28Double free vulnerability in the init_ctx_reselect function in the SPNEGO initiator in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.10.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via network traffic that appears to come from an intended acceptor, but specifies a security mechanism different from the one proposed by the initiator.
{
"affected": [],
"aliases": [
"CVE-2014-4343"
],
"database_specific": {
"cwe_ids": [
"CWE-415"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2014-08-14T05:01:00Z",
"severity": "HIGH"
},
"details": "Double free vulnerability in the init_ctx_reselect function in the SPNEGO initiator in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.10.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via network traffic that appears to come from an intended acceptor, but specifies a security mechanism different from the one proposed by the initiator.",
"id": "GHSA-cmrr-h89w-fc55",
"modified": "2022-05-13T01:28:50Z",
"published": "2022-05-13T01:28:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4343"
},
{
"type": "WEB",
"url": "https://github.com/krb5/krb5/commit/f18ddf5d82de0ab7591a36e465bc24225776940f"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121876"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95211"
},
{
"type": "WEB",
"url": "http://advisories.mageia.org/MGASA-2014-0345.html"
},
{
"type": "WEB",
"url": "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc"
},
{
"type": "WEB",
"url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7969"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0439.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/59102"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/60082"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/60448"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/61052"
},
{
"type": "WEB",
"url": "http://security.gentoo.org/glsa/glsa-201412-53.xml"
},
{
"type": "WEB",
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15553.html"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2014/dsa-3000"
},
{
"type": "WEB",
"url": "http://www.osvdb.org/109390"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/69159"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1030706"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-CPCP-G87H-G6H3
Vulnerability from github – Published: 2021-11-25 00:00 – Updated: 2021-11-28 00:00An issue was discovered in VxWorks 6.9 through 7. In the IKE component, a specifically crafted packet may lead to reading beyond the end of a buffer, or a double free.
{
"affected": [],
"aliases": [
"CVE-2021-43268"
],
"database_specific": {
"cwe_ids": [
"CWE-415"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-11-24T17:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in VxWorks 6.9 through 7. In the IKE component, a specifically crafted packet may lead to reading beyond the end of a buffer, or a double free.",
"id": "GHSA-cpcp-g87h-g6h3",
"modified": "2021-11-28T00:00:22Z",
"published": "2021-11-25T00:00:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43268"
},
{
"type": "WEB",
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2021-43268"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-CPRX-2QP7-3RGM
Vulnerability from github – Published: 2022-05-14 01:03 – Updated: 2022-05-14 01:03Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a crafted application, aka "Windows Cursor Object Double Free Vulnerability."
{
"affected": [],
"aliases": [
"CVE-2015-0058"
],
"database_specific": {
"cwe_ids": [
"CWE-415"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2015-02-11T03:01:00Z",
"severity": "HIGH"
},
"details": "Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a crafted application, aka \"Windows Cursor Object Double Free Vulnerability.\"",
"id": "GHSA-cprx-2qp7-3rgm",
"modified": "2022-05-14T01:03:13Z",
"published": "2022-05-14T01:03:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0058"
},
{
"type": "WEB",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-010"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100432"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/72468"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-CQJP-8GG8-RWV9
Vulnerability from github – Published: 2025-08-12 21:31 – Updated: 2025-08-12 21:31A double free vulnerability [CWE-415] in Fortinet FortiOS version 7.4.0, version 7.2.0 through 7.2.5 and before 7.0.12, FortiProxy version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.13 and FortiPAM version 1.1.0 through 1.1.2 and before 1.0.3 allows a privileged attacker to execute code or commands via crafted HTTP or HTTPs requests.
{
"affected": [],
"aliases": [
"CVE-2023-45584"
],
"database_specific": {
"cwe_ids": [
"CWE-415"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-12T19:15:27Z",
"severity": "MODERATE"
},
"details": "A double free vulnerability [CWE-415] in Fortinet FortiOS version 7.4.0, version 7.2.0 through 7.2.5 and before 7.0.12, FortiProxy version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.13 and FortiPAM version 1.1.0 through 1.1.2 and before 1.0.3 allows a privileged attacker to execute code or commands via crafted HTTP or HTTPs requests.",
"id": "GHSA-cqjp-8gg8-rwv9",
"modified": "2025-08-12T21:31:20Z",
"published": "2025-08-12T21:31:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45584"
},
{
"type": "WEB",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-209"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CRFX-F3QH-PFJ6
Vulnerability from github – Published: 2022-05-24 17:47 – Updated: 2022-05-24 17:47In setPlayPolicy of DrmPlugin.cpp, there is a possible double free. This could lead to local escalation of privilege in a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-176168330
{
"affected": [],
"aliases": [
"CVE-2021-0437"
],
"database_specific": {
"cwe_ids": [
"CWE-415"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-04-13T19:15:00Z",
"severity": "HIGH"
},
"details": "In setPlayPolicy of DrmPlugin.cpp, there is a possible double free. This could lead to local escalation of privilege in a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-176168330",
"id": "GHSA-crfx-f3qh-pfj6",
"modified": "2022-05-24T17:47:12Z",
"published": "2022-05-24T17:47:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0437"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2021-04-01"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-CRJM-8W39-C276
Vulnerability from github – Published: 2023-12-14 06:30 – Updated: 2025-11-04 21:30An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. Because of a double free, attackers can cause a denial of service or possibly execute arbitrary code. The fixed versions are 22.05.11, 23.02.7, and 23.11.1.
{
"affected": [],
"aliases": [
"CVE-2023-49937"
],
"database_specific": {
"cwe_ids": [
"CWE-415"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-12-14T05:15:11Z",
"severity": "CRITICAL"
},
"details": "An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. Because of a double free, attackers can cause a denial of service or possibly execute arbitrary code. The fixed versions are 22.05.11, 23.02.7, and 23.11.1.",
"id": "GHSA-crjm-8w39-c276",
"modified": "2025-11-04T21:30:52Z",
"published": "2023-12-14T06:30:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49937"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63FEDDYEE2WK7FHWBHKON3OZVQI56WSQ"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AYQS3LFGC4HE4WCW4L3NAA2I6FRIWMNO"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63FEDDYEE2WK7FHWBHKON3OZVQI56WSQ"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYQS3LFGC4HE4WCW4L3NAA2I6FRIWMNO"
},
{
"type": "WEB",
"url": "https://lists.schedmd.com/pipermail/slurm-announce/2023/000103.html"
},
{
"type": "WEB",
"url": "https://www.schedmd.com/security-archive.php"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CV6V-Q3QG-36VR
Vulnerability from github – Published: 2025-04-08 18:34 – Updated: 2025-04-08 18:34Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
{
"affected": [],
"aliases": [
"CVE-2025-27730"
],
"database_specific": {
"cwe_ids": [
"CWE-415"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-08T18:16:00Z",
"severity": "HIGH"
},
"details": "Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.",
"id": "GHSA-cv6v-q3qg-36vr",
"modified": "2025-04-08T18:34:52Z",
"published": "2025-04-08T18:34:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27730"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27730"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CV7X-6RC6-PQ5V
Vulnerability from github – Published: 2021-08-25 20:53 – Updated: 2023-06-13 17:00Upon panic in a user-provided function f, fn mutate() & fn mutate2 drops twice a same object.
Affected versions of this crate did not guard against double drop while temporarily duplicating an object's ownership with ptr::read().
Dropping a same object can result in memory corruption.
The flaw was corrected in version "0.9.11" by fixing the code to abort upon panic.
{
"affected": [
{
"package": {
"ecosystem": "crates.io",
"name": "containers"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.9.11"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-25907"
],
"database_specific": {
"cwe_ids": [
"CWE-415"
],
"github_reviewed": true,
"github_reviewed_at": "2021-08-19T18:40:39Z",
"nvd_published_at": null,
"severity": "CRITICAL"
},
"details": "Upon panic in a user-provided function f, fn mutate() \u0026 fn mutate2 drops twice a same object.\n\nAffected versions of this crate did not guard against double drop while temporarily duplicating an object\u0027s ownership with ptr::read().\n\nDropping a same object can result in memory corruption.\n\nThe flaw was corrected in version \"0.9.11\" by fixing the code to abort upon panic.",
"id": "GHSA-cv7x-6rc6-pq5v",
"modified": "2023-06-13T17:00:36Z",
"published": "2021-08-25T20:53:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25907"
},
{
"type": "WEB",
"url": "https://github.com/strake/containers.rs/issues/2"
},
{
"type": "PACKAGE",
"url": "https://github.com/strake/containers.rs"
},
{
"type": "WEB",
"url": "https://rustsec.org/advisories/RUSTSEC-2021-0010.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Double free in containers"
}
Mitigation
Choose a language that provides automatic memory management.
Mitigation
Ensure that each allocation is freed only once. After freeing a chunk, set the pointer to NULL to ensure the pointer cannot be freed again. In complicated error conditions, be sure that clean-up routines respect the state of allocation properly. If the language is object oriented, ensure that object destructors delete each chunk of memory only once.
Mitigation
Use a static analysis tool to find double free instances.
No CAPEC attack patterns related to this CWE.