Skip to main content

Double Free

CVE-2008-2944

Severity Medium
Score 4.9/10

Summary

Double free vulnerability in the utrace support in the Linux kernel, probably 2.6.18, in Red Hat Enterprise Linux (RHEL) 5 and Fedora Core 6 (FC6) allows local users to cause a denial of service (oops), as demonstrated by a crash when running the GNU GDB testsuite, a different vulnerability than CVE-2008-2365.

  • LOW
  • LOCAL
  • NONE
  • NONE
  • NONE
  • COMPLETE

CWE-415 - Double Free

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

References

Advisory Timeline

  • Published