CVE-2020-37239 (CVSS 9.8) — libbabl 0.1.62 contains a broken double free detection vulnerability that allows attackers to bypass memory safety checks by exploiting signature overwriting in freed chunks. Attackers can call babl_f

A critical vulnerability has been published under CVE-2020-37239, affecting libbabl version 0.1.62, a library used in image processing and graphics software. The flaw carries a CVSS score of 9.8, indicating severe risk. It involves a broken double free detection mechanism that allows attackers to bypass memory safety checks by overwriting signatures in freed memory chunks. This can be exploited to call the babl_f function in an unsafe manner, potentially leading to remote code execution or system compromise.

Organizations most at risk include those in the creative, media, and publishing sectors that rely on software using libbabl, such as GIMP or other graphics tools. Additionally, any EU-based enterprise integrating this library into custom applications or embedded systems should assess exposure. Given the high severity, this vulnerability could impact data integrity and system availability, raising concerns under GDPR and NIS2 frameworks for critical infrastructure operators.

Compliance teams should immediately verify whether libbabl 0.1.62 is present in their software inventory, including third-party dependencies. If found, prioritize patching to the latest version as soon as possible. Conduct a risk assessment to determine if any systems processing personal data are affected, and document remediation steps for audit readiness. Finally, update vulnerability management policies to include automated scanning for this CVE and similar high-severity library flaws.