CVE-2024-27433

HIGH Year: 2024
CVSS v3 Score
7.8
High
Weakness Type
CWE-415
View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: mt7622-apmixedsys: Fix an error handling path in clk_mt8135_apmixed_probe() 'clk_data' is allocated with mtk_devm_alloc_clk_data(). So calling mtk_free_clk_data() explicitly in the remove function would lead to a double-free. Remove the redundant call.

Related Vulnerabilities

CVE-2003-1048

HIGH
CVSS:7.8(High)

Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.

CWE-4152003

CVE-2015-9007

HIGH
CVSS:7.8(High)

In TrustZone in all Android releases from CAF using the Linux kernel, a Double Free vulnerability could potentially exist.

CWE-4152015

CVE-2016-5384

HIGH
CVSS:7.8(High)

fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache...

CWE-4152016

CVE-2016-8693

HIGH
CVSS:7.8(High)

Double free vulnerability in the mem_close function in jas_stream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a craf...

CWE-4152016

CVE-2017-11032

HIGH
CVSS:7.8(High)

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a double free can occur when kmalloc fails to allocate memory for pointers resp/req in t...

CWE-4152017

CVE-2017-13181

HIGH
CVSS:7.8(High)

In the doGetThumb and getThumbnail functions of MtpServer, there is a possible double free due to not NULLing out a freed pointer. This could lead to an local elevation of privilege enabling code exec...

CWE-4152017