Common Weakness Enumeration

CWE-415

Allowed

Double Free

Abstraction: Variant · Status: Draft

The product calls free() twice on the same memory address.

967 vulnerabilities reference this CWE, most recent first.

GHSA-FFQC-F68H-QQ8W

Vulnerability from github – Published: 2022-05-14 01:09 – Updated: 2022-05-14 01:09
VLAI
Details

A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-6952"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-415"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-02-13T19:29:00Z",
    "severity": "HIGH"
  },
  "details": "A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.",
  "id": "GHSA-ffqc-f68h-qq8w",
  "modified": "2022-05-14T01:09:25Z",
  "published": "2022-05-14T01:09:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6952"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:2033"
    },
    {
      "type": "WEB",
      "url": "https://savannah.gnu.org/bugs/index.php?53133"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201904-17"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/103047"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FGG6-XP7M-P38Q

Vulnerability from github – Published: 2022-05-13 01:31 – Updated: 2022-05-13 01:31
VLAI
Details

Double free vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allow remote code execution.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-8835"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-415"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-04-25T23:29:00Z",
    "severity": "HIGH"
  },
  "details": "Double free vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allow remote code execution.",
  "id": "GHSA-fgg6-xp7m-p38q",
  "modified": "2022-05-13T01:31:48Z",
  "published": "2022-05-13T01:31:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8835"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-114-03"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/103972"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FGR8-8JMX-C896

Vulnerability from github – Published: 2026-01-06 03:31 – Updated: 2026-01-06 15:30
VLAI
Details

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149882; Issue ID: MSV-4673.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-20786"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-415",
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-06T02:15:42Z",
    "severity": "MODERATE"
  },
  "details": "In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149882; Issue ID: MSV-4673.",
  "id": "GHSA-fgr8-8jmx-c896",
  "modified": "2026-01-06T15:30:27Z",
  "published": "2026-01-06T03:31:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20786"
    },
    {
      "type": "WEB",
      "url": "https://corp.mediatek.com/product-security-bulletin/January-2026"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FH5V-R835-MW7V

Vulnerability from github – Published: 2022-05-14 03:01 – Updated: 2022-05-14 03:01
VLAI
Details

The csnmp_read_table function in snmp.c in the SNMP plugin in collectd before 5.6.3 is susceptible to a double free in a certain error case, which could lead to a crash (or potentially have other impact).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-16820"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-415"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-11-14T21:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "The csnmp_read_table function in snmp.c in the SNMP plugin in collectd before 5.6.3 is susceptible to a double free in a certain error case, which could lead to a crash (or potentially have other impact).",
  "id": "GHSA-fh5v-r835-mw7v",
  "modified": "2022-05-14T03:01:48Z",
  "published": "2022-05-14T03:01:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16820"
    },
    {
      "type": "WEB",
      "url": "https://github.com/collectd/collectd/issues/2291"
    },
    {
      "type": "WEB",
      "url": "https://github.com/collectd/collectd/commit/d16c24542b2f96a194d43a73c2e5778822b9cb47"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:0252"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:0299"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:0560"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:1605"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:2615"
    },
    {
      "type": "WEB",
      "url": "https://bugs.debian.org/881757"
    },
    {
      "type": "WEB",
      "url": "https://github.com/collectd/collectd/releases/tag/collectd-5.6.3"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201803-10"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FHHW-9RJC-7M26

Vulnerability from github – Published: 2022-05-24 16:46 – Updated: 2024-04-04 00:45
VLAI
Details

In libwebp 0.5.1, there is a double free bug in libwebpmux.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2016-9969"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-415"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-05-23T18:29:00Z",
    "severity": "HIGH"
  },
  "details": "In libwebp 0.5.1, there is a double free bug in libwebpmux.",
  "id": "GHSA-fhhw-9rjc-7m26",
  "modified": "2024-04-04T00:45:28Z",
  "published": "2022-05-24T16:46:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9969"
    },
    {
      "type": "WEB",
      "url": "https://bugs.chromium.org/p/webp/issues/detail?id=322"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FHPC-4Q7R-QHMX

Vulnerability from github – Published: 2022-05-14 01:12 – Updated: 2022-05-14 01:12
VLAI
Details

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing the WLAN driver command ioctl a temporary buffer used to construct the reply message may be freed twice.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-11840"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-415"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-09-18T18:29:00Z",
    "severity": "HIGH"
  },
  "details": "In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing the WLAN driver command ioctl a temporary buffer used to construct the reply message may be freed twice.",
  "id": "GHSA-fhpc-4q7r-qhmx",
  "modified": "2022-05-14T01:12:47Z",
  "published": "2022-05-14T01:12:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11840"
    },
    {
      "type": "WEB",
      "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=a3d53bb977b907a5d11d22cad3f8ebf3f1d2b1ed"
    },
    {
      "type": "WEB",
      "url": "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/107770"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FJCW-72X2-RMMV

Vulnerability from github – Published: 2022-05-24 17:47 – Updated: 2022-10-16 19:00
VLAI
Details

In the standard library in Rust before 1.53.0, a double free can occur in the Vec::from_iter function if freeing the element panics.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-31162"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-415"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-04-14T07:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "In the standard library in Rust before 1.53.0, a double free can occur in the Vec::from_iter function if freeing the element panics.",
  "id": "GHSA-fjcw-72x2-rmmv",
  "modified": "2022-10-16T19:00:30Z",
  "published": "2022-05-24T17:47:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31162"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rust-lang/rust/issues/83618"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rust-lang/rust/pull/83629"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rust-lang/rust/pull/84603"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CZ337CM4GFJLRDFVQCGC7J25V65JXOG5"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFUO3URYCO73D2Q4WYJBWAMJWGGVXQO4"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VZG65GUW6Z2CYOQHF7T3TB5CZKIX6ZJE"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202210-09"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FJFF-R876-R378

Vulnerability from github – Published: 2025-07-08 18:31 – Updated: 2025-07-08 18:31
VLAI
Details

Double free in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-49688"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-415"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-08T17:15:54Z",
    "severity": "HIGH"
  },
  "details": "Double free in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.",
  "id": "GHSA-fjff-r876-r378",
  "modified": "2025-07-08T18:31:47Z",
  "published": "2025-07-08T18:31:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49688"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49688"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FJR6-HM39-4CF9

Vulnerability from github – Published: 2021-08-25 20:52 – Updated: 2021-08-19 18:46
VLAI
Summary
Double free in basic_dsp_matrix
Details

An issue was discovered in the basic_dsp_matrix crate before 0.9.2 for Rust. When a TransformContent panic occurs, a double drop can be performed.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "basic_dsp_matrix"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.9.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-25906"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-415"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-08-19T18:46:23Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "An issue was discovered in the basic_dsp_matrix crate before 0.9.2 for Rust. When a TransformContent panic occurs, a double drop can be performed.",
  "id": "GHSA-fjr6-hm39-4cf9",
  "modified": "2021-08-19T18:46:23Z",
  "published": "2021-08-25T20:52:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25906"
    },
    {
      "type": "WEB",
      "url": "https://github.com/liebharc/basic_dsp/issues/47"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/liebharc/basic_dsp"
    },
    {
      "type": "WEB",
      "url": "https://rustsec.org/advisories/RUSTSEC-2021-0009.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Double free in basic_dsp_matrix"
}

GHSA-FJRG-JF3X-R8JR

Vulnerability from github – Published: 2022-05-24 17:07 – Updated: 2022-12-07 21:30
VLAI
Details

A double-free vulnerability in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering texture allocation failure, because vrend_renderer_resource_allocated_texture is not an appropriate place for a free.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-8003"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-415"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-01-27T05:15:00Z",
    "severity": "LOW"
  },
  "details": "A double-free vulnerability in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering texture allocation failure, because vrend_renderer_resource_allocated_texture is not an appropriate place for a free.",
  "id": "GHSA-fjrg-jf3x-r8jr",
  "modified": "2022-12-07T21:30:29Z",
  "published": "2022-05-24T17:07:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8003"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.freedesktop.org/virgl/virglrenderer/commit/f9b079ccc319c98499111f66bd654fc9b56cf15f?merge_request_iid=340"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/340"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/340/diffs?commit_id=3320973c9f2068f60cf6613c2811a8824781878a"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/340/diffs?commit_id=f9b079ccc319c98499111f66bd654fc9b56cf15f"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00017.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design

Choose a language that provides automatic memory management.

Mitigation
Implementation

Ensure that each allocation is freed only once. After freeing a chunk, set the pointer to NULL to ensure the pointer cannot be freed again. In complicated error conditions, be sure that clean-up routines respect the state of allocation properly. If the language is object oriented, ensure that object destructors delete each chunk of memory only once.

Mitigation
Implementation

Use a static analysis tool to find double free instances.

No CAPEC attack patterns related to this CWE.