ASA-2019-00554 – WhatsApp: Double free vulnerability in the DDGifSlurp function

A double free vulnerability in the DDGifSlurp function in decoding.c in libpl_droidsonroids_gif before 1.2.15, as used in WhatsApp for Android before 2.19.244, allows remote attackers to execute arbitrary code or cause a denial of service.

ASA-2019-00538 – curl: FTP-KRB double-free

libcurl can be told to use kerberos over FTP to a server, as set with the CURLOPT_KRBLEVEL option. During such kerberos FTP data transfer, the server sends data to curl in blocks with the 32 bit size of each block first and then that amount of data immediately following. A malicious or just broken server can claim to send a very large block and if by doing that it makes curl's subsequent call to realloc() to fail, curl would then misbehave in the exit path and double-free the memory. In practical terms, an up to 4 GB memory area may very well be fine to allocate on a modern 64 bit system but on 32 bit systems it will fail.

ASA-2019-00386 – VLC: Double free in zlib_decompress_extra()

A remote user can create some specially crafted mkv files that, when loaded by the target user, will trigger a double free in zlib_decompress_extra() (demux/mkv/utils.cpp) respectively. If successful, a malicious third party could trigger either a crash of VLC or an arbitratry code execution with the privileges of the target user.

ASA-2019-00158 – GnuTLS: Use-after-free/double-free in certificate verification

A flaw was found in gnutls 3.5.8 or later. A use-after-free in multi-threaded-clients and a double-free vulnerability in single-threaded clients because _gnutls_x509_get_signature does not clear signature->data in the cleanup path.

ASA-2019-00141 – Intel: Double-free vulnerability in Intel SGX SDK

Double-free vulnerability in Intel SGX SDK for Linux before version 2.2 and Intel SGX SDK for Windows before version 2.1 may allow an authenticated user to potentially enable information disclosure or denial of service via local access.