CVE-2020-14123

HIGH Year: 2020
CVSS v3 Score
7.5
High
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-415
View all →

Vulnerability Description

There is a pointer double free vulnerability in Some MIUI Services. When a function is called, the memory pointer is copied to two function modules, and an attacker can cause the pointer to be repeatedly released through malicious operations, resulting in the affected module crashing and affecting normal functionality, and if successfully exploited the vulnerability can cause elevation of privileges.

Related Vulnerabilities

CVE-2005-0891

HIGH
CVSS:7.5(High)

Double free vulnerability in gtk 2 (gtk2) before 2.2.4 allows remote attackers to cause a denial of service (crash) via a crafted BMP image.

CWE-4152005

CVE-2011-2335

HIGH
CVSS:7.5(High)

A double-free vulnerability exists in WebKit in Google Chrome before Blink M12 in the WebCore::CSSSelector function.

CWE-4152011

CVE-2015-5177

HIGH
CVSS:7.5(High)

Double free vulnerability in the SLPDKnownDAAdd function in slpd/slpd_knownda.c in OpenSLP 1.2.1 allows remote attackers to cause a denial of service (crash) via a crafted package.

CWE-4152015

CVE-2016-9969

HIGH
CVSS:7.5(High)

In libwebp 0.5.1, there is a double free bug in libwebpmux.

CWE-4152016

CVE-2017-18594

HIGH
CVSS:7.5(High)

nse_libssh2.cc in Nmap 7.70 is subject to a denial of service condition due to a double free when an SSH connection fails, as demonstrated by a leading \n character to ssh-brute.nse or ssh-auth-method...

CWE-4152017

CVE-2017-5836

HIGH
CVSS:7.5(High)

The plist_free_data function in plist.c in libplist allows attackers to cause a denial of service (crash) via vectors involving an integer node that is treated as a PLIST_KEY and then triggers an inva...

CWE-4152017