Double Free

CWE-415

Overtime trend (NVD)

CVSS severity (NVD, All Time)

Per technology (GHSA, All time)

62%-Rust
33%-Pip
1%-RubyGems
1%-Nuget

Short description

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

Extended description

When a program calls free() twice with the same argument, the program's memory management data structures become corrupted. This corruption can cause the program to crash or, in some circumstances, cause two later calls to malloc() to return the same pointer. If malloc() returns the same value twice and the program later gives the attacker control over the data that is written into this doubly-allocated memory, the program becomes vulnerable to a buffer overflow attack.

Best practices to prevent this CWE

Phase: Architecture and Design

Choose a language that provides automatic memory management.

Phase: Implementation

Ensure that each allocation is freed only once. After freeing a chunk, set the pointer to NULL to ensure the pointer cannot be freed again. In complicated error conditions, be sure that clean-up routines respect the state of allocation properly. If the language is object oriented, ensure that object destructors delete each chunk of memory only once.

Phase: Implementation

Use a static analysis tool to find double free instances.

Recently published CVEs

CVE-2024-47426
CVE-2024-49014
CVE-2024-43640
CVE-2024-43447
CVE-2024-50235

Recently published GHSA

GHSA-xwc8-rf6m-xr86
GHSA-f49c-87jh-g47q
GHSA-v5w6-wcm8-jm4q
GHSA-fm67-cv37-96ff
GHSA-5j8w-r7g8-5472

Prioritize and Uncover Reachable Vulnerabilities in Your Application Code

Identify externally reachable data flows and vulnerabilities for effective risk mitigation

Get a Demo