CVE-2020-37239— libbabl 0.1.62 Broken Double Free Detection Memory Safety

CVSS 9.8 · Critical EPSS 0.11% · P29 Updated May 19, 2026

Possible ATT&CK Techniques 1AI

T1203 · Exploitation for Client Execution

Affected Version Matrix 1

Vendor	Product	Version Range	Status
Gegl	libbabl	`0.1.62`	affected

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-37239

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

libbabl 0.1.62 Broken Double Free Detection Memory Safety

Source: NVD (National Vulnerability Database)

Vulnerability Description

libbabl 0.1.62 contains a broken double free detection vulnerability that allows attackers to bypass memory safety checks by exploiting signature overwriting in freed chunks. Attackers can call babl_free() twice on the same pointer without triggering detection, as libc's malloc metadata overwrites babl's signature field upon freeing, enabling potential memory corruption and code execution.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

双重释放

Source: NVD (National Vulnerability Database)

Vulnerability Title

babl 资源管理错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

babl是GEGL开源的一个支持高性能像素格式转换与图像数据处理的图像处理库。 babl 0.1.62版本存在资源管理错误漏洞，该漏洞源于双重释放检测机制失效，可能导致攻击者通过利用释放块中的签名覆盖绕过内存安全检查，对同一指针调用两次babl_free而不触发检测，实现潜在的内存损坏和代码执行。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Gegl	libbabl	0.1.62	-

II. Public POCs for CVE-2020-37239

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2020-37239

请登录查看更多情报信息。

Vendor Advisories for CVE-2020-37239 (1)

libbabl 0.1.62 Broken Double Free Detection Memory Safety | Advisories | VulnCheckthird-party-advisory

Exploits & Public PoCs for CVE-2020-37239 (1)

libbabl 0.1.62 - Broken Double Free Detection (PoC) - Linux local Exploitexploit

Vendor Pages for CVE-2020-37239 (2)

bablproduct
GEGLproduct

https://nvd.nist.gov/vuln/detail/CVE-2020-37239

IV. Related Vulnerabilities

Same weakness: CWE-415

V. Comments for CVE-2020-37239

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2020-37239— libbabl 0.1.62 Broken Double Free Detection Memory Safety

Possible ATT&CK Techniques 1AI

Affected Version Matrix 1

I. Basic Information for CVE-2020-37239

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2020-37239

III. Intelligence Information for CVE-2020-37239

Vendor Advisories for CVE-2020-37239 (1)

Exploits & Public PoCs for CVE-2020-37239 (1)

Vendor Pages for CVE-2020-37239 (2)

IV. Related Vulnerabilities

V. Comments for CVE-2020-37239

Leave a comment