CVE-2024-46741

HIGH Year: 2024
CVSS v3 Score
7.8
High
Weakness Type
CWE-415
View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix double free of 'buf' in error path smatch warning: drivers/misc/fastrpc.c:1926 fastrpc_req_mmap() error: double free of 'buf' In fastrpc_req_mmap() error path, the fastrpc buffer is freed in fastrpc_req_munmap_impl() if unmap is successful. But in the end, there is an unconditional call to fastrpc_buf_free(). So the above case triggers the double free of fastrpc buf.

Related Vulnerabilities

CVE-2003-1048

HIGH
CVSS:7.8(High)

Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.

CWE-4152003

CVE-2015-9007

HIGH
CVSS:7.8(High)

In TrustZone in all Android releases from CAF using the Linux kernel, a Double Free vulnerability could potentially exist.

CWE-4152015

CVE-2016-5384

HIGH
CVSS:7.8(High)

fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache...

CWE-4152016

CVE-2016-8693

HIGH
CVSS:7.8(High)

Double free vulnerability in the mem_close function in jas_stream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a craf...

CWE-4152016

CVE-2017-11032

HIGH
CVSS:7.8(High)

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a double free can occur when kmalloc fails to allocate memory for pointers resp/req in t...

CWE-4152017

CVE-2017-13181

HIGH
CVSS:7.8(High)

In the doGetThumb and getThumbnail functions of MtpServer, there is a possible double free due to not NULLing out a freed pointer. This could lead to an local elevation of privilege enabling code exec...

CWE-4152017