CVE-2023-37365

NVD

CWE

Hnswlib 0.7.0 has a double free in init_index when the M argument is a large integer.

The product calls free() twice on the same memory address.

Name	Vendor	Start Version	End Version
Hnswlib	Hnswlib_project	0.7.0 (including)	0.7.0 (including)
Hnswlib	Ubuntu	bionic	*
Hnswlib	Ubuntu	kinetic	*
Hnswlib	Ubuntu	lunar	*
Hnswlib	Ubuntu	mantic	*
Hnswlib	Ubuntu	oracular	*
Hnswlib	Ubuntu	trusty	*
Hnswlib	Ubuntu	xenial	*

Double Free