Double free

2021-04-2813:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

42.5%

JSON

There is a pointer double free vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. When a function is called, the same memory pointer is copied to two functional modules. Attackers can exploit this vulnerability by performing a malicious operation to cause the pointer double free. This may lead to module crash, compromising normal service.

CPENameOperatorVersion
cloudengine_12800_firmwareeq200r2c50spc800-v
cloudengine_12800_firmwareeq200r3c0spc810-v
cloudengine_12800_firmwareeq200r5c0spc800-v
cloudengine_12800_firmwareeq200r5c10spc800-v
cloudengine_5800_firmwareeq200r2c50spc800-v
cloudengine_5800_firmwareeq200r3c0spc810-v
cloudengine_5800_firmwareeq200r5c0spc800-v
cloudengine_5800_firmwareeq200r5c10spc800-v
cloudengine_6800_firmwareeq200r2c50spc800-v
cloudengine_6800_firmwareeq200r3c0spc810-v

Name	Operator	Version
cloudengine_12800_firmware	eq	200r2c50spc800-v
cloudengine_12800_firmware	eq	200r3c0spc810-v
cloudengine_12800_firmware	eq	200r5c0spc800-v
cloudengine_12800_firmware	eq	200r5c10spc800-v
cloudengine_5800_firmware	eq	200r2c50spc800-v
cloudengine_5800_firmware	eq	200r3c0spc810-v
cloudengine_5800_firmware	eq	200r5c0spc800-v
cloudengine_5800_firmware	eq	200r5c10spc800-v
cloudengine_6800_firmware	eq	200r2c50spc800-v
cloudengine_6800_firmware	eq	200r3c0spc810-v