CVE-2020-37239

CRITICAL

libbabl 0.1.62 Broken Double Free Detection Memory Safety


Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-37239. PoCs published by Carter Yagemann.

AI-analyzed exploit summary: This PoC demonstrates a broken double-free detection mechanism in libbabl due to libc's malloc/free overwriting the signature used for tracking allocations. The exploit triggers a double-free condition without proper detection, leading to potential memory corruption.

Description

libbabl 0.1.62 contains a broken double free detection vulnerability that allows attackers to bypass memory safety checks by exploiting signature overwriting in freed chunks. Attackers can call babl_free() twice on the same pointer without triggering detection, as libc's malloc metadata overwrites babl's signature field upon freeing, enabling potential memory corruption and code execution.

Exploits (1)

exploitdb WORKING POC
by Carter Yagemann · clocallinux
https://www.exploit-db.com/exploits/49259

Classification: Working PoC 100%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: libbabl 0.1.62 and newer
No auth needed
Prerequisites: libbabl installed · compilation with babl headers
devstral-2 · analyzed May 16, 2026

References (4)

Core References
Exploit: ExploitDB-49259
https://www.exploit-db.com/exploits/49259
Product: Official Product Homepage
https://www.gegl.org
Product: Product Reference
https://www.gegl.org/babl/
Third Party Advisory: VulnCheck Advisory: libbabl 0.1.62 Broken Double Free Detection Memory Safety
https://www.vulncheck.com/advisories/libbabl-broken-double-free-detection-memory-safety

Scores

CVSS v3 9.8
EPSS 0.0011
EPSS Percentile 29.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE CWE-415
Status published
Products (1) Gegl/libbabl 0.1.62
Published May 16, 2026
Tracked Since May 16, 2026