VYPR

CWE-415

Double Free

VariantDraftLikelihood: High

Description

The product calls free() twice on the same memory address.

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (275)

page 5 of 14
  • CVE-2018-11243HigMay 18, 2018
    risk 0.51cvss 7.8epss 0.03

    PackLinuxElf64::unpack in p_lx_elf.cpp in UPX 3.95 allows remote attackers to cause a denial of service (double free), limit the ability of a malware scanner to operate on the entire original data, or possibly have unspecified other impact via a crafted file.

  • CVE-2018-3855HigApr 26, 2018
    risk 0.51cvss 7.8epss 0.02

    In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution.

  • CVE-2018-8835HigApr 25, 2018
    risk 0.51cvss 7.8epss 0.02

    Double free vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allow remote code execution.

  • CVE-2017-15826HigMar 30, 2018
    risk 0.51cvss 7.8epss 0.00

    Due to a race condition in MDSS rotator in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-20, a double free vulnerability may potentially exist when two threads free the same perf structures.

  • CVE-2017-17320HigMar 20, 2018
    risk 0.51cvss 7.8epss 0.01

    Huawei Mate 9 Pro smartphones with software of LON-AL00BC00B139D, LON-AL00BC00B229, LON-L29DC721B188 have a memory double free vulnerability. The system does not manage the memory properly, that frees on the same memory address twice. An attacker tricks the user who has root…

  • CVE-2018-3560HigMar 16, 2018
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a Double Free vulnerability exists in Audio Driver while opening a sound compression device.

  • CVE-2018-7589HigMar 1, 2018
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in CImg v.220. A double free in load_bmp in CImg.h occurs when loading a crafted bmp image.

  • CVE-2017-13181HigJan 12, 2018
    risk 0.51cvss 7.8epss 0.00

    In the doGetThumb and getThumbnail functions of MtpServer, there is a possible double free due to not NULLing out a freed pointer. This could lead to an local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed.…

  • CVE-2017-9705HigJan 10, 2018
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, concurrent rx notifications and read() operations in the G-Link PKT driver can result in a double free condition due to missing locking resulting in list_del() and…

  • CVE-2017-15316HigDec 22, 2017
    risk 0.51cvss 7.8epss 0.01

    The GPU driver of Mate 9 Huawei smart phones with software before MHA-AL00B 8.0.0.334(C00) and Mate 9 Pro Huawei smart phones with software before LON-AL00B 8.0.0.334(C00) has a memory double free vulnerability. An attacker tricks a user into installing a malicious application,…

  • CVE-2017-8141HigNov 22, 2017
    risk 0.51cvss 7.8epss 0.01

    The Touch Panel (TP) driver in P10 Plus smart phones with software versions earlier than VKY-AL00C00B153 has a memory double free vulnerability. An attacker with the root privilege of the Android system tricks a user into installing a malicious application, and the application…

  • CVE-2017-8140HigNov 22, 2017
    risk 0.51cvss 7.8epss 0.01

    The soundtrigger driver in P9 Plus smart phones with software versions earlier than VIE-AL10BC00B353 has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can start multiple threads and try to free specific…

  • CVE-2017-11032HigNov 16, 2017
    risk 0.51cvss 7.8epss 0.00

    In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a double free can occur when kmalloc fails to allocate memory for pointers resp/req in the service-locator driver function service_locator_send_msg().

  • CVE-2017-9687HigOct 10, 2017
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, two concurrent threads/processes can write the value of "0" to the debugfs file that controls ipa ipc log which will lead to the double-free in…

  • CVE-2017-9686HigOct 10, 2017
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possible double free/use after free in the SPS driver when debugfs logging is used.

  • CVE-2017-7373HigJun 13, 2017
    risk 0.51cvss 7.8epss 0.00

    In all Android releases from CAF using the Linux kernel, a double free vulnerability exists in a display driver.

  • CVE-2015-9007HigJun 6, 2017
    risk 0.51cvss 7.8epss 0.00

    In TrustZone in all Android releases from CAF using the Linux kernel, a Double Free vulnerability could potentially exist.

  • CVE-2017-8890HigMay 10, 2017
    risk 0.51cvss 7.8epss 0.01

    The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.

  • CVE-2017-2425HigApr 2, 2017
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "SecurityFoundation" component. A double free vulnerability allows remote attackers to execute arbitrary code via a crafted certificate.

  • CVE-2017-5506HigMar 24, 2017
    risk 0.51cvss 7.8epss 0.02

    Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.