The product calls free() twice on the same memory address.

What CVEs are caused by CWE-415?

271 recorded CVEs are attributed to CWE-415, including CVE-2014-0502, CVE-2020-9859, CVE-2018-4990. 5 are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.

How do you prevent CWE-415?

Choose a language that provides automatic memory management.

How is CWE-415 detected?

Fuzzing: Fuzz testing (fuzzing) is a powerful technique for generating large numbers of diverse inputs - either randomly or algorithmically - and dynamically invoking the code with those inputs. Even with random inputs, it is often capable of generating unexpected results such as crashes, memory corruption, or resource consumption. Fuzzing effectively produces repeatable test cases that clearly indicate bugs, which helps developers to diagnose the issues.

What are the consequences of CWE-415?

Exploiting CWE-415 can lead to: Modify Memory, Execute Unauthorized Code or Commands.

Is CWE-415 actively exploited?

Yes. 5 CWE-415 vulnerabilities are in CISA's KEV catalog of actively exploited flaws, out of 271 recorded CVEs.

CWE-415: Double Free (Double-free)

CISA KEV

Code examples

Illustrative examples from MITRE showing how the weakness appears in code.

The following code shows a simple example of a double free vulnerability.

Vulnerable example

char* ptr = (char*)malloc (SIZE);

While contrived, this code should be exploitable on Linux distributions that do not ship with heap-chunk check summing turned on.

Vulnerable example

#include <stdio.h>

CWE-415: Double Free

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

Applies to

How to prevent it

How to detect it

Fuzzing

Automated Static Analysis

Automated Dynamic Analysis

Code examples

Illustrative examples

Terminology & mappings

Alternate terms

Mapped taxonomies

Frequently asked questions

What is CWE-415?

What CVEs are caused by CWE-415?

How do you prevent CWE-415?

How is CWE-415 detected?

What are the consequences of CWE-415?

Is CWE-415 actively exploited?

References

Stay ahead of CWE-415

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

Applies to

How to prevent it

How to detect it

Fuzzing

Automated Static Analysis

Automated Dynamic Analysis

Code examples

Illustrative examples

Related weaknesses

Parent

Peer

Related

Terminology & mappings

Alternate terms

Mapped taxonomies

Frequently asked questions

What is CWE-415?

What CVEs are caused by CWE-415?

How do you prevent CWE-415?

How is CWE-415 detected?

What are the consequences of CWE-415?

Is CWE-415 actively exploited?

References

Stay ahead of CWE-415