CVE Vulnerabilities

CVE-2022-40515

Double Free

Published: Mar 10, 2023 | Modified: Nov 21, 2024
CVSS 3.x
9.8
CRITICAL
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io logo minimus.io logo echo.ai logo

Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.

Weakness

The product calls free() twice on the same memory address.

Affected Software

NameVendorStart VersionEnd Version
Apq8009_firmwareQualcomm- (including)- (including)

Potential Mitigations

References