9.3
CVE-2020-37239: libbabl: Double Free Allows Memory Corruption and Code Execution
CVE-2020-37239
Summary
The double-free detection in the libbabl library is broken. If an attacker can get babl_free() called twice on the same pointer, the second call is not detected, which can lead to memory corruption, system crashes or unauthorized code execution. To stay safe, update to a newer version of libbabl that has fixed this issue.
Original title
libbabl 0.1.62 contains a broken double free detection vulnerability that allows attackers to bypass memory safety checks by exploiting signature overwriting in freed chunks. Attackers can call bab...
Original description
libbabl 0.1.62 contains a broken double free detection vulnerability that allows attackers to bypass memory safety checks by exploiting signature overwriting in freed chunks. Attackers can call babl_free() twice on the same pointer without triggering detection, as libc's malloc metadata overwrites babl's signature field upon freeing, enabling potential memory corruption and code execution.
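The failure mode described above, as an added example that is not babl's code: a toy allocator wrapper whose freed-marker lives inside the chunk, next to a variant that tracks live pointers in a side table. The header layout, marker values, `sim_libc_free()` (a stand-in for libc writing its own metadata into a released chunk) and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Toy model with an assumed layout (not babl's code): header before user data. */
typedef struct { uintptr_t signature; size_t size; } hdr_t;
#define SIG_LIVE  ((uintptr_t)0xB4B1A110u)
#define SIG_FREED ((uintptr_t)0xF4EEF4EEu)
enum { FREED_OK = 0, DOUBLE_FREE = 1, SLOTS = 64 };

/* Stand-in for libc free(): allocators reuse the first words of a released
   chunk for free-list links. Nothing is really released (the toy leaks), so
   later reads of the header stay defined. */
static void sim_libc_free(void *chunk) { memset(chunk, 0x41, 2 * sizeof(void *)); }
static void *live[SLOTS];   /* side table kept outside every chunk */

static void *toy_malloc(size_t n) {
    hdr_t *h = malloc(sizeof *h + n);
    if (!h) return NULL;
    h->signature = SIG_LIVE; h->size = n;
    for (size_t i = 0; i < SLOTS; i++)
        if (!live[i]) return live[i] = h + 1;
    free(h);                /* table full: refuse rather than lose track */
    return NULL;
}

/* Weak check: trusts a marker stored in memory it is about to hand back. */
static int weak_free(void *p) {
    hdr_t *h = (hdr_t *)p - 1;
    if (h->signature == SIG_FREED) return DOUBLE_FREE;
    h->signature = SIG_FREED;
    sim_libc_free(h);       /* the marker is overwritten right here */
    return FREED_OK;
}

/* Hardened check: liveness comes from state the allocator never writes. */
static int tracked_free(void *p) {
    for (size_t i = 0; i < SLOTS; i++)
        if (p && live[i] == p) { live[i] = NULL; sim_libc_free((hdr_t *)p - 1); return FREED_OK; }
    return DOUBLE_FREE;
}

int main(void) {
    void *a = toy_malloc(32), *b = toy_malloc(32);
    if (!a || !b) return 2;
    int missed = weak_free(a) == FREED_OK && weak_free(a) == FREED_OK;
    int caught = tracked_free(b) == FREED_OK && tracked_free(b) == DOUBLE_FREE;
    return (missed && caught) ? 0 : 1;
}
```

The weak variant reports success on both calls because its marker is gone by the time the second call reads it; the side-table variant rejects the second call regardless of what the chunk now contains.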
nvd CVSS3.1
9.8
nvd CVSS4.0
9.3
Vulnerability type
CWE-415
Published: 16 May 2026 · Updated: 28 May 2026 · First seen: 16 May 2026