Vulnerabilities > Double Free

DATE CVE VULNERABILITY TITLE RISK
2024-12-04 CVE-2024-53133 Double Free vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Handle dml allocation failure to avoid crash [Why] In the case where a dml allocation fails for any reason, the current state's dml contexts would no longer be valid.
local
low complexity
linux CWE-415
7.8
2024-11-19 CVE-2024-50276 Double Free vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: net: vertexcom: mse102x: Fix possible double free of TX skb The scope of the TX skb is wider than just mse102x_tx_frame_spi(), so in case the TX skb room needs to be expanded, we should free the the temporary skb instead of the original skb.
local
low complexity
linux CWE-415
7.8
2024-11-12 CVE-2024-47426 Double Free vulnerability in Adobe Substance 3D Painter
Substance3D - Painter versions 10.1.0 and earlier are affected by a Double Free vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-415
7.8
2024-11-09 CVE-2024-50215 Double Free vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: nvmet-auth: assign dh_key to NULL after kfree_sensitive ctrl->dh_key might be used across multiple calls to nvmet_setup_dhgroup() for the same controller.
local
low complexity
linux CWE-415
7.8
2024-11-09 CVE-2024-50235 Double Free vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear wdev->cqm_config pointer on free When we free wdev->cqm_config when unregistering, we also need to clear out the pointer since the same wdev/netdev may get re-registered in another network namespace, then destroyed later, running this code again, which results in a double-free.
local
low complexity
linux CWE-415
7.8
2024-11-07 CVE-2024-50152 Double Free vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix possible double free in smb2_set_ea() Clang static checker(scan-build) warning: fs/smb/client/smb2ops.c:1304:2: Attempt to free released memory. 1304 | kfree(ea); | ^~~~~~~~~ There is a double free in such case: 'ea is initialized to NULL' -> 'first successful memory allocation for ea' -> 'something failed, goto sea_exit' -> 'first memory release for ea' -> 'goto replay_again' -> 'second goto sea_exit before allocate memory for ea' -> 'second memory release for ea resulted in double free'. Re-initialie 'ea' to NULL near to the replay_again label, it can fix this double free problem.
local
low complexity
linux CWE-415
5.5
2024-11-07 CVE-2024-50159 Double Free vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup() Clang static checker(scan-build) throws below warning: | drivers/firmware/arm_scmi/driver.c:line 2915, column 2 | Attempt to free released memory. When devm_add_action_or_reset() fails, scmi_debugfs_common_cleanup() will run twice which causes double free of 'dbg->name'. Remove the redundant scmi_debugfs_common_cleanup() to fix this problem.
local
low complexity
linux CWE-415
7.8
2024-11-05 CVE-2024-47404 Double Free vulnerability in Openatom Openharmony
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through double free.
local
low complexity
openatom CWE-415
7.8
2024-10-29 CVE-2024-50071 Double Free vulnerability in Linux Kernel 6.11/6.12
In the Linux kernel, the following vulnerability has been resolved: pinctrl: nuvoton: fix a double free in ma35_pinctrl_dt_node_to_map_func() 'new_map' is allocated using devm_* which takes care of freeing the allocated data on device removal, call to .dt_free_map = pinconf_generic_dt_free_map double frees the map as pinconf_generic_dt_free_map() calls pinctrl_utils_free_map(). Fix this by using kcalloc() instead of auto-managed devm_kcalloc().
local
low complexity
linux CWE-415
7.8
2024-10-21 CVE-2024-50055 Double Free vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: driver core: bus: Fix double free in driver API bus_register() For bus_register(), any error which happens after kset_register() will cause that @priv are freed twice, fixed by setting @priv with NULL after the first free.
local
low complexity
linux CWE-415
7.8