CyberGlossary

Vulnerabilities

Double Free

Also known as: Double-free vulnerability

Definition

A memory-safety bug where the same heap chunk is freed twice, corrupting allocator metadata and often enabling arbitrary code execution.

A double free occurs when free()/delete is invoked more than once on the same pointer. The allocator's free lists or bin structures become inconsistent, allowing attackers to trick a later allocation into returning attacker-influenced memory or into overlapping live objects — a primitive that can lead to arbitrary writes and code execution. Double frees are tracked as CWE-415 and often coexist with use-after-free and double-fetch bugs. Defences include single-ownership patterns (RAII, smart pointers), setting pointers to NULL after free, hardened allocators that detect duplicate frees (tcache double-free protection in glibc, scudo), AddressSanitizer testing, and memory-safe languages.
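As an added illustration for this entry (example code written here, not taken from glibc or any project named above), the following toy detector refuses a duplicate free in the spirit of the tcache check, and shows the buggy release pattern beside the hardened one that clears the pointer; `checked_free`, `checked_malloc` and `FREE_AND_NULL` are names assumed for the example.

```c
#include <stdlib.h>
/* Toy duplicate-free detector written for this glossary entry (not glibc's code):
 * refuse to free a chunk still listed as recently freed, like the tcache check. */
#define RECENT_FREES 8
static void *recent[RECENT_FREES];
static unsigned recent_next;

/* Returns 0 on a normal free, -1 when a duplicate free was refused. */
int checked_free(void *p)
{
    if (p == NULL) return 0;                /* free(NULL) is a defined no-op */
    for (unsigned i = 0; i < RECENT_FREES; i++)
        if (recent[i] == p) return -1;      /* still listed: double free */
    recent[recent_next] = p;
    recent_next = (recent_next + 1) % RECENT_FREES;
    free(p);
    return 0;
}

/* A reused chunk leaves the list, so a later legitimate free is accepted. */
void *checked_malloc(size_t n)
{
    void *p = malloc(n);
    for (unsigned i = 0; i < RECENT_FREES; i++)
        if (recent[i] == p) recent[i] = NULL;
    return p;
}

/* Release helper that clears the caller's pointer: the "NULL after free" defence. */
#define FREE_AND_NULL(pp) do { checked_free(*(pp)); *(pp) = NULL; } while (0)
/* Buggy pattern: two code paths both believe they own buf and release it. */
int buggy_release(void)
{
    char *buf = checked_malloc(64);
    if (buf == NULL) return 0;
    int first = checked_free(buf);          /* legitimate release */
    int second = checked_free(buf);         /* double free: detector refuses it */
    return first == 0 && second == -1;
}

/* Hardened pattern: ownership ends at release, so the second call is a no-op. */
int hardened_release(void)
{
    char *buf = checked_malloc(64);
    if (buf == NULL) return 0;
    FREE_AND_NULL(&buf);
    FREE_AND_NULL(&buf);                    /* checked_free(NULL): nothing happens */
    return buf == NULL;
}
```

A real allocator keeps this bookkeeping inside the chunk rather than comparing freed pointer values, and aborts on a hit instead of returning an error code.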

Examples

  • CVE-2015-1322 — glibc tcache double-free leading to heap corruption.
  • CVE-2019-19377 — Linux btrfs double-free triggered by malformed images.

Related terms