CWE-401
AllowedMissing Release of Memory after Effective Lifetime
Abstraction: Variant · Status: Draft
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
2002 vulnerabilities reference this CWE, most recent first.
GHSA-PCPM-W6GC-FM98
Vulnerability from github – Published: 2025-09-18 18:30 – Updated: 2025-12-12 21:31In the Linux kernel, the following vulnerability has been resolved:
wifi: ath11k: mhi: fix potential memory leak in ath11k_mhi_register()
mhi_alloc_controller() allocates a memory space for mhi_ctrl. When gets some error, mhi_ctrl should be freed with mhi_free_controller(). But when ath11k_mhi_read_addr_from_dt() fails, the function returns without calling mhi_free_controller(), which will lead to a memory leak.
We can fix it by calling mhi_free_controller() when ath11k_mhi_read_addr_from_dt() fails.
{
"affected": [],
"aliases": [
"CVE-2022-50418"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-18T16:15:45Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: mhi: fix potential memory leak in ath11k_mhi_register()\n\nmhi_alloc_controller() allocates a memory space for mhi_ctrl. When gets\nsome error, mhi_ctrl should be freed with mhi_free_controller(). But\nwhen ath11k_mhi_read_addr_from_dt() fails, the function returns without\ncalling mhi_free_controller(), which will lead to a memory leak.\n\nWe can fix it by calling mhi_free_controller() when\nath11k_mhi_read_addr_from_dt() fails.",
"id": "GHSA-pcpm-w6gc-fm98",
"modified": "2025-12-12T21:31:31Z",
"published": "2025-09-18T18:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50418"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/015ced9eb63b8b19cb725a1d592d150b60494ced"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/43e7c3505ec70db3d3c6458824d5fa40f62e3e7b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/72ef896e80b6ec7cdc1dd42577045f8e7c9c32b3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PCVH-VV8G-JM39
Vulnerability from github – Published: 2022-08-05 00:00 – Updated: 2022-08-11 00:00The TEE_PopulateTransientObject and __utee_from_attr functions in Samsung mTower 0.3.0 allow a trusted application to trigger a memory overwrite, denial of service, and information disclosure by invoking the function TEE_PopulateTransientObject with a large number in the parameter attrCount.
{
"affected": [],
"aliases": [
"CVE-2022-35858"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-08-04T20:15:00Z",
"severity": "HIGH"
},
"details": "The TEE_PopulateTransientObject and __utee_from_attr functions in Samsung mTower 0.3.0 allow a trusted application to trigger a memory overwrite, denial of service, and information disclosure by invoking the function TEE_PopulateTransientObject with a large number in the parameter attrCount.",
"id": "GHSA-pcvh-vv8g-jm39",
"modified": "2022-08-11T00:00:32Z",
"published": "2022-08-05T00:00:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35858"
},
{
"type": "WEB",
"url": "https://github.com/Samsung/mTower/issues/71"
},
{
"type": "WEB",
"url": "https://github.com/Samsung/mTower/blob/18f4b592a8a973ce5972f4e2658ea0f6e3686284/tee/lib/libutee/tee_api_objects.c#L283"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PFJ6-PXH2-F24M
Vulnerability from github – Published: 2024-05-17 15:31 – Updated: 2024-11-07 00:30In the Linux kernel, the following vulnerability has been resolved:
firmware: qcom: qseecom: fix memory leaks in error paths
Fix instances of returning error codes directly instead of jumping to the relevant labels where memory allocated for the SCM calls would be freed.
{
"affected": [],
"aliases": [
"CVE-2023-52684"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-17T15:15:19Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: qcom: qseecom: fix memory leaks in error paths\n\nFix instances of returning error codes directly instead of jumping to\nthe relevant labels where memory allocated for the SCM calls would be\nfreed.",
"id": "GHSA-pfj6-pxh2-f24m",
"modified": "2024-11-07T00:30:35Z",
"published": "2024-05-17T15:31:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52684"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6c57d7b593c4a4e60db65d5ce0fe1d9f79ccbe9b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/85fdbf6840455be64eac16bdfe0df3368ee3d0f0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PFRQ-P4GG-QWX6
Vulnerability from github – Published: 2025-10-23 18:31 – Updated: 2025-10-23 18:31In the Linux kernel, the following vulnerability has been resolved:
platform/x86: thinkpad_acpi: Fix a memory leak of EFCH MMIO resource
Unlike release_mem_region(), a call to release_resource() does not free the resource, so it has to be freed explicitly to avoid a memory leak.
{
"affected": [],
"aliases": [
"CVE-2022-49665"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-26T07:01:41Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: thinkpad_acpi: Fix a memory leak of EFCH MMIO resource\n\nUnlike release_mem_region(), a call to release_resource() does not\nfree the resource, so it has to be freed explicitly to avoid a memory\nleak.",
"id": "GHSA-pfrq-p4gg-qwx6",
"modified": "2025-10-23T18:31:05Z",
"published": "2025-10-23T18:31:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49665"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3884bf75fa044c73e843d95dd71a424e80ebb095"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d2f33f0c3ad7b0d5262d9b986f1353265fad7a08"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PFV7-6GR3-PF99
Vulnerability from github – Published: 2024-11-07 12:30 – Updated: 2025-11-04 00:31In the Linux kernel, the following vulnerability has been resolved:
net/sun3_82586: fix potential memory leak in sun3_82586_send_packet()
The sun3_82586_send_packet() returns NETDEV_TX_OK without freeing skb in case of skb->len being too long, add dev_kfree_skb() to fix it.
{
"affected": [],
"aliases": [
"CVE-2024-50168"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-07T10:15:07Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sun3_82586: fix potential memory leak in sun3_82586_send_packet()\n\nThe sun3_82586_send_packet() returns NETDEV_TX_OK without freeing skb\nin case of skb-\u003elen being too long, add dev_kfree_skb() to fix it.",
"id": "GHSA-pfv7-6gr3-pf99",
"modified": "2025-11-04T00:31:57Z",
"published": "2024-11-07T12:30:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50168"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/137010d26dc5cd47cd62fef77cbe952d31951b7a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1a17a4ac2d57102497fac53b53c666dba6a0c20d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2cb3f56e827abb22c4168ad0c1bbbf401bb2f3b8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6dc937a3086e344f965ca5c459f8f3eb6b68d890"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/84f2bac74000dbb7a177d9b98a17031ec8d07ec5"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8d5b20fbc548650019afa96822b6a33ea4ec8aa5"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9c6ce55e6f0bd1541f112833006b4052614c7d94"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/db755e55349045375c5c7036e8650afb3ff419d8"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PG5J-WJ7F-H3MX
Vulnerability from github – Published: 2025-03-18 21:32 – Updated: 2025-11-03 21:32In the Linux kernel, the following vulnerability has been resolved:
vfio/pci: fix memory leak during D3hot to D0 transition
If 'vfio_pci_core_device::needs_pm_restore' is set (PCI device does not have No_Soft_Reset bit set in its PMCSR config register), then the current PCI state will be saved locally in 'vfio_pci_core_device::pm_save' during D0->D3hot transition and same will be restored back during D3hot->D0 transition. For saving the PCI state locally, pci_store_saved_state() is being used and the pci_load_and_free_saved_state() will free the allocated memory.
But for reset related IOCTLs, vfio driver calls PCI reset-related API's which will internally change the PCI power state back to D0. So, when the guest resumes, then it will get the current state as D0 and it will skip the call to vfio_pci_set_power_state() for changing the power state to D0 explicitly. In this case, the memory pointed by 'pm_save' will never be freed. In a malicious sequence, the state changing to D3hot followed by VFIO_DEVICE_RESET/VFIO_DEVICE_PCI_HOT_RESET can be run in a loop and it can cause an OOM situation.
This patch frees the earlier allocated memory first before overwriting 'pm_save' to prevent the mentioned memory leak.
{
"affected": [],
"aliases": [
"CVE-2022-49219"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-26T07:00:58Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/pci: fix memory leak during D3hot to D0 transition\n\nIf \u0027vfio_pci_core_device::needs_pm_restore\u0027 is set (PCI device does\nnot have No_Soft_Reset bit set in its PMCSR config register), then\nthe current PCI state will be saved locally in\n\u0027vfio_pci_core_device::pm_save\u0027 during D0-\u003eD3hot transition and same\nwill be restored back during D3hot-\u003eD0 transition.\nFor saving the PCI state locally, pci_store_saved_state() is being\nused and the pci_load_and_free_saved_state() will free the allocated\nmemory.\n\nBut for reset related IOCTLs, vfio driver calls PCI reset-related\nAPI\u0027s which will internally change the PCI power state back to D0. So,\nwhen the guest resumes, then it will get the current state as D0 and it\nwill skip the call to vfio_pci_set_power_state() for changing the\npower state to D0 explicitly. In this case, the memory pointed by\n\u0027pm_save\u0027 will never be freed. In a malicious sequence, the state changing\nto D3hot followed by VFIO_DEVICE_RESET/VFIO_DEVICE_PCI_HOT_RESET can be\nrun in a loop and it can cause an OOM situation.\n\nThis patch frees the earlier allocated memory first before overwriting\n\u0027pm_save\u0027 to prevent the mentioned memory leak.",
"id": "GHSA-pg5j-wj7f-h3mx",
"modified": "2025-11-03T21:32:52Z",
"published": "2025-03-18T21:32:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49219"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/26ddd196e9eb264da8e1bdc4df8a94d62581c8b5"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4319f17fb8264ba39352b611dfa913a4d8c1d1a0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c8a1f8bd586ee31020614b8d48b702ece3e2ae44"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/da426ad86027b849b877d4628b277ffbbd2f5325"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/eadf88ecf6ac7d6a9f47a76c6055d9a1987a8991"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PG9F-25WH-974H
Vulnerability from github – Published: 2025-10-23 12:31 – Updated: 2025-10-23 12:31In the Linux kernel, the following vulnerability has been resolved:
net: stmmac: fix leaks in probe
These two error paths should clean up before returning.
{
"affected": [],
"aliases": [
"CVE-2022-49628"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-26T07:01:38Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix leaks in probe\n\nThese two error paths should clean up before returning.",
"id": "GHSA-pg9f-25wh-974h",
"modified": "2025-10-23T12:31:15Z",
"published": "2025-10-23T12:31:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49628"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/23aa6d5088e3bd65de77c5c307237b9937f8b48a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/dd91bc60f305610401b2196bedb573693d6c8e46"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f4bd3202a2b4194ab6c0ce61628095d54f994db4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PGG7-9G7G-JG57
Vulnerability from github – Published: 2025-05-20 18:30 – Updated: 2026-07-14 15:31In the Linux kernel, the following vulnerability has been resolved:
net: lan743x: Fix memleak issue when GSO enabled
Always map the skb to the LS descriptor. Previously skb was
mapped to EXT descriptor when the number of fragments is zero with
GSO enabled. Mapping the skb to EXT descriptor prevents it from
being freed, leading to a memory leak
{
"affected": [],
"aliases": [
"CVE-2025-37909"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-20T16:15:27Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: lan743x: Fix memleak issue when GSO enabled\n\nAlways map the `skb` to the LS descriptor. Previously skb was\nmapped to EXT descriptor when the number of fragments is zero with\nGSO enabled. Mapping the skb to EXT descriptor prevents it from\nbeing freed, leading to a memory leak",
"id": "GHSA-pgg7-9g7g-jg57",
"modified": "2026-07-14T15:31:21Z",
"published": "2025-05-20T18:30:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37909"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-019113.html"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/093855ce90177488eac772de4eefbb909033ce5f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/189b05f189cac9fd233ef04d31cb5078c4d09c39"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2d52e2e38b85c8b7bc00dca55c2499f46f8c8198"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6c65ee5ad632eb8dcd3a91cf5dc99b22535f44d9"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a0e0efbabbbe6a1859bc31bf65237ce91e124b9b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/dae1ce27ceaea7e1522025b15252e3cc52802622"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/df993daa4c968b4b23078eacc248f6502ede8664"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f42c18e2f14c1b1fdd2a5250069a84bc854c398c"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PGJ7-6V58-MXR9
Vulnerability from github – Published: 2025-09-16 15:32 – Updated: 2025-12-03 00:30In the Linux kernel, the following vulnerability has been resolved:
misc: vmw_balloon: fix memory leak with using debugfs_lookup()
When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfs_lookup_and_remove() instead which handles all of the logic at once.
{
"affected": [],
"aliases": [
"CVE-2023-53279"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-16T08:15:36Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: vmw_balloon: fix memory leak with using debugfs_lookup()\n\nWhen calling debugfs_lookup() the result must have dput() called on it,\notherwise the memory will leak over time. To make things simpler, just\ncall debugfs_lookup_and_remove() instead which handles all of the logic at\nonce.",
"id": "GHSA-pgj7-6v58-mxr9",
"modified": "2025-12-03T00:30:27Z",
"published": "2025-09-16T15:32:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53279"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/209cdbd07cfaa4b7385bad4eeb47e5ec1887d33d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b94b39bf3d545671f210a2257d18e33c8b874699"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d1c545e44c1ec08bef0c0c14e632eec516431e9c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f7651fa88b17c2d7af949981a2423179db5e9453"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PGJF-J2HP-QQXV
Vulnerability from github – Published: 2025-05-20 18:30 – Updated: 2025-12-16 21:30In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix memory leak in parse_lease_state()
The previous patch that added bounds check for create lease context introduced a memory leak. When the bounds check fails, the function returns NULL without freeing the previously allocated lease_ctx_info structure.
This patch fixes the issue by adding kfree(lreq) before returning NULL in both boundary check cases.
{
"affected": [],
"aliases": [
"CVE-2025-37962"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-20T16:15:34Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix memory leak in parse_lease_state()\n\nThe previous patch that added bounds check for create lease context\nintroduced a memory leak. When the bounds check fails, the function\nreturns NULL without freeing the previously allocated lease_ctx_info\nstructure.\n\nThis patch fixes the issue by adding kfree(lreq) before returning NULL\nin both boundary check cases.",
"id": "GHSA-pgjf-j2hp-qqxv",
"modified": "2025-12-16T21:30:49Z",
"published": "2025-05-20T18:30:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37962"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2148d34371b06dac696c0497a98a6bf905a51650"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/829e19ef741d9e9932abdc3bee5466195e0852cf"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/af9e2d4732a548db8f6f5a90c2c20a789a3d7240"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/eb4447bcce915b43b691123118893fca4f372a8f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/facf22c1a394c1e023dab5daf9a494f722771e1c"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-41
Strategy: Libraries or Frameworks
- Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
- For example, glibc in Linux provides protection against free of invalid pointers.
- When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
- To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Use an abstraction library to abstract away risky APIs. Not a complete solution.
Mitigation
Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.
No CAPEC attack patterns related to this CWE.