CWE-415
AllowedDouble Free
Abstraction: Variant · Status: Draft
The product calls free() twice on the same memory address.
966 vulnerabilities reference this CWE, most recent first.
GHSA-HC3P-JVFF-JFW5
Vulnerability from github – Published: 2022-05-17 01:06 – Updated: 2025-04-20 03:44Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.
{
"affected": [],
"aliases": [
"CVE-2017-6362"
],
"database_specific": {
"cwe_ids": [
"CWE-415"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-09-07T13:29:00Z",
"severity": "HIGH"
},
"details": "Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.",
"id": "GHSA-hc3p-jvff-jfw5",
"modified": "2025-04-20T03:44:27Z",
"published": "2022-05-17T01:06:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-6362"
},
{
"type": "WEB",
"url": "https://github.com/libgd/libgd/issues/381"
},
{
"type": "WEB",
"url": "https://github.com/libgd/libgd/releases/tag/gd-2.2.5"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N2BLXX7KNRE7ZVQAKGTHHWS33CUCXVUP"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N2BLXX7KNRE7ZVQAKGTHHWS33CUCXVUP"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2017/dsa-3961"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HCG3-P22C-CW6R
Vulnerability from github – Published: 2022-05-24 19:04 – Updated: 2022-05-24 19:04Double free in ICU in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
{
"affected": [],
"aliases": [
"CVE-2021-30535"
],
"database_specific": {
"cwe_ids": [
"CWE-415"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-07T20:15:00Z",
"severity": "HIGH"
},
"details": "Double free in ICU in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"id": "GHSA-hcg3-p22c-cw6r",
"modified": "2022-05-24T19:04:11Z",
"published": "2022-05-24T19:04:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30535"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html"
},
{
"type": "WEB",
"url": "https://crbug.com/1194899"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-HF7C-8Q5W-3W2J
Vulnerability from github – Published: 2026-01-07 12:31 – Updated: 2026-01-07 12:31Memory corruption occurs when a secure application is launched on a device with insufficient memory.
{
"affected": [],
"aliases": [
"CVE-2025-47396"
],
"database_specific": {
"cwe_ids": [
"CWE-415"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-07T12:17:05Z",
"severity": "HIGH"
},
"details": "Memory corruption occurs when a secure application is launched on a device with insufficient memory.",
"id": "GHSA-hf7c-8q5w-3w2j",
"modified": "2026-01-07T12:31:24Z",
"published": "2026-01-07T12:31:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47396"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2026-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HFH7-M9JR-J829
Vulnerability from github – Published: 2022-05-24 19:13 – Updated: 2022-05-24 19:13A double free issue was addressed with improved memory management. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing a maliciously crafted file may lead to heap corruption.
{
"affected": [],
"aliases": [
"CVE-2021-1875"
],
"database_specific": {
"cwe_ids": [
"CWE-415"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-09-08T15:15:00Z",
"severity": "HIGH"
},
"details": "A double free issue was addressed with improved memory management. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing a maliciously crafted file may lead to heap corruption.",
"id": "GHSA-hfh7-m9jr-j829",
"modified": "2022-05-24T19:13:32Z",
"published": "2022-05-24T19:13:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1875"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT212317"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT212323"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT212324"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT212325"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT212326"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT212327"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-HGCQ-F5FX-5QP6
Vulnerability from github – Published: 2022-03-17 00:00 – Updated: 2022-03-23 00:00A flaw was found in htmldoc in v1.9.12. Double-free in function pspdf_export(),in ps-pdf.cxx may result in a write-what-where condition, allowing an attacker to execute arbitrary code and denial of service.
{
"affected": [],
"aliases": [
"CVE-2021-23158"
],
"database_specific": {
"cwe_ids": [
"CWE-415"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-16T15:15:00Z",
"severity": "CRITICAL"
},
"details": "A flaw was found in htmldoc in v1.9.12. Double-free in function pspdf_export(),in ps-pdf.cxx may result in a write-what-where condition, allowing an attacker to execute arbitrary code and denial of service.",
"id": "GHSA-hgcq-f5fx-5qp6",
"modified": "2022-03-23T00:00:33Z",
"published": "2022-03-17T00:00:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23158"
},
{
"type": "WEB",
"url": "https://github.com/michaelrsweet/htmldoc/issues/414"
},
{
"type": "WEB",
"url": "https://github.com/michaelrsweet/htmldoc/commit/369b2ea1fd0d0537ba707f20a2f047b6afd2fbdc"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1967018"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HGF7-47F3-2GQ3
Vulnerability from github – Published: 2022-04-04 00:00 – Updated: 2025-06-25 21:30ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.
{
"affected": [],
"aliases": [
"CVE-2022-28390"
],
"database_specific": {
"cwe_ids": [
"CWE-415"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-04-03T21:15:00Z",
"severity": "HIGH"
},
"details": "ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.",
"id": "GHSA-hgf7-47f3-2gq3",
"modified": "2025-06-25T21:30:31Z",
"published": "2022-04-04T00:00:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28390"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/c70222752228a62135cee3409dccefd494a24646"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IHHC455LMSJNG4CSZ5CEAHYWY2DE5YW"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LAWC35TO642FOP3UCA3C6IF7NAUFOVZ6"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFMPUI3WI4U2F7ONHRW36WDY4ZE7LGGT"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IHHC455LMSJNG4CSZ5CEAHYWY2DE5YW"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LAWC35TO642FOP3UCA3C6IF7NAUFOVZ6"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFMPUI3WI4U2F7ONHRW36WDY4ZE7LGGT"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20220513-0001"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2022/dsa-5127"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2022/dsa-5173"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HGGX-QFVF-7MFH
Vulnerability from github – Published: 2024-09-13 06:30 – Updated: 2025-11-04 00:31In the Linux kernel, the following vulnerability has been resolved:
scsi: aacraid: Fix double-free on probe failure
aac_probe_one() calls hardware-specific init functions through the aac_driver_ident::init pointer, all of which eventually call down to aac_init_adapter().
If aac_init_adapter() fails after allocating memory for aac_dev::queues, it frees the memory but does not clear that member.
After the hardware-specific init function returns an error, aac_probe_one() goes down an error path that frees the memory pointed to by aac_dev::queues, resulting.in a double-free.
{
"affected": [],
"aliases": [
"CVE-2024-46673"
],
"database_specific": {
"cwe_ids": [
"CWE-415"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-13T06:15:11Z",
"severity": "HIGH"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: aacraid: Fix double-free on probe failure\n\naac_probe_one() calls hardware-specific init functions through the\naac_driver_ident::init pointer, all of which eventually call down to\naac_init_adapter().\n\nIf aac_init_adapter() fails after allocating memory for aac_dev::queues,\nit frees the memory but does not clear that member.\n\nAfter the hardware-specific init function returns an error,\naac_probe_one() goes down an error path that frees the memory pointed to\nby aac_dev::queues, resulting.in a double-free.",
"id": "GHSA-hggx-qfvf-7mfh",
"modified": "2025-11-04T00:31:23Z",
"published": "2024-09-13T06:30:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46673"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4b540ec7c0045c2d01c4e479f34bbc8f147afa4c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/564e1986b00c5f05d75342f8407f75f0a17b94df"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/60962c3d8e18e5d8dfa16df788974dd7f35bd87a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/85449b28ff6a89c4513115e43ddcad949b5890c9"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8a3995a3ffeca280a961b59f5c99843d81b15929"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/919ddf8336f0b84c0453bac583808c9f165a85c2"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9e96dea7eff6f2bbcd0b42a098012fc66af9eb69"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d237c7d06ffddcdb5d36948c527dc01284388218"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HGXV-8GP2-J88J
Vulnerability from github – Published: 2022-03-17 00:00 – Updated: 2022-03-24 00:00In gasket_free_coherent_memory_all of gasket_page_table.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-151454974References: N/A
{
"affected": [],
"aliases": [
"CVE-2021-39725"
],
"database_specific": {
"cwe_ids": [
"CWE-415"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-16T15:15:00Z",
"severity": "MODERATE"
},
"details": "In gasket_free_coherent_memory_all of gasket_page_table.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-151454974References: N/A",
"id": "GHSA-hgxv-8gp2-j88j",
"modified": "2022-03-24T00:00:35Z",
"published": "2022-03-17T00:00:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39725"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/pixel/2022-03-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HHPV-C9VH-9V76
Vulnerability from github – Published: 2025-05-13 00:31 – Updated: 2025-11-03 21:33A double free issue was addressed with improved memory management. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. A remote attacker may cause an unexpected app termination.
{
"affected": [],
"aliases": [
"CVE-2025-31241"
],
"database_specific": {
"cwe_ids": [
"CWE-415"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-12T22:15:24Z",
"severity": "MODERATE"
},
"details": "A double free issue was addressed with improved memory management. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. A remote attacker may cause an unexpected app termination.",
"id": "GHSA-hhpv-c9vh-9v76",
"modified": "2025-11-03T21:33:53Z",
"published": "2025-05-13T00:31:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-31241"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122404"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122405"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122716"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122717"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122718"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122720"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122721"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/122722"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/May/11"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/May/12"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/May/5"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/May/6"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/May/7"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/May/8"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/May/9"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-HJRF-5287-583Q
Vulnerability from github – Published: 2022-05-24 16:48 – Updated: 2024-04-04 00:59An issue was discovered in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x through 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free.
{
"affected": [],
"aliases": [
"CVE-2019-12874"
],
"database_specific": {
"cwe_ids": [
"CWE-415"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-06-18T18:15:00Z",
"severity": "CRITICAL"
},
"details": "An issue was discovered in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x through 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free.",
"id": "GHSA-hjrf-5287-583q",
"modified": "2024-04-04T00:59:40Z",
"published": "2022-05-24T16:48:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12874"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201908-23"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4074-1"
},
{
"type": "WEB",
"url": "http://git.videolan.org/?p=vlc.git%3Ba=commit%3Bh=81023659c7de5ac2637b4a879195efef50846102"
},
{
"type": "WEB",
"url": "http://git.videolan.org/?p=vlc.git;a=commit;h=81023659c7de5ac2637b4a879195efef50846102"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/108882"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
Choose a language that provides automatic memory management.
Mitigation
Ensure that each allocation is freed only once. After freeing a chunk, set the pointer to NULL to ensure the pointer cannot be freed again. In complicated error conditions, be sure that clean-up routines respect the state of allocation properly. If the language is object oriented, ensure that object destructors delete each chunk of memory only once.
Mitigation
Use a static analysis tool to find double free instances.
No CAPEC attack patterns related to this CWE.