CWE-401

Medium likelihood

Missing Release of Memory after Effective Lifetime

Parent: CWE-772 - Missing Release of Resource after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

1,753 vulnerabilities with CWE-401
CVE-2024-50084 MEDIUM
Linux Kernel - Use-After-Free in vcap_api_encode_rule_test
CVSS 5.5
CVE-2024-50068 MEDIUM
Linux Kernel 6.7-6.11.5 - Use-After-Free in DAMON Sysfs Target Regions
CVSS 5.5
CVE-2024-50064 MEDIUM
Linux Kernel 6.2-6.6.56, 6.7-6.11.3, 6.12 - Use-After-Free in ZRAM Secondary Algorithm Name Handling
CVSS 5.5
CVE-2024-50041 MEDIUM
Linux Kernel 5.15.54-5.15.167 - Use-After-Free in i40e macvlan Filter Handling
CVSS 5.5
CVE-2024-50013 MEDIUM
Linux Kernel 5.7-6.11.3 - Memory Leak in exfat_load_bitmap()
CVSS 5.5
CVE-2024-49975 MEDIUM
Linux Kernel - Information Disclosure via Uninitialized Page Mapping in uprobes
CVSS 5.5
CVE-2024-49870 MEDIUM
Linux Kernel 5.17-6.1.113, 6.2-6.6.55, 6.7-6.10.14, 6.11-6.11.3 - Use-After-Free in cachefiles_open_file
CVSS 5.5
CVE-2024-47677 MEDIUM
Linux Kernel - Use-After-Free in exfat_create_upcase_table
CVSS 5.5
CVE-2024-8376 HIGH
Eclipse Mosquitto <2.0.18a - Use After Free
CVSS 7.5
CVE-2024-47493 MEDIUM
Junos OS MX - PFE Memory Leak Denial of Service
CVSS 6.5
CVE-2024-8626 HIGH
Rockwell Automation CompactLogix 5380 Firmware 33.011-33.014 - Denial of Service via Memory Leak
CVSS 7.5
CVE-2024-43696 LOW
OpenHarmony < 4.1.0 - Denial of Service via Memory Leak
CVSS 3.3
CVE-2024-46779 MEDIUM
Linux Kernel 6.8-6.10.9 - Use-After-Free in DRM PVR VM GPUVA Handling
CVSS 5.5
CVE-2024-20304 HIGH
Cisco IOS XR - Unauthenticated Denial of Service via Mtrace2 UDP Packet Memory Exhaustion
CVSS 8.6
CVE-2024-7884 HIGH
dfinity Canister Developer Kit for the Internet Computer 0.8.0-0.8.2 - Use-After-Free in CallFuture Polling
CVSS 7.5
CVE-2024-44979 MEDIUM
Linux Kernel - Memory Leak in drm/xe
CVSS 5.5
CVE-2024-44971 MEDIUM
Linux Kernel - Use-After-Free in bcm_sf2_mdio_register
CVSS 5.5
CVE-2024-44969 MEDIUM
Linux Kernel < 4.19.320 Use-After-Free in SCLP Store Data Operation
CVSS 5.5
CVE-2024-44964 HIGH
Linux Kernel 6.7-6.10.4 - Use-After-Free in idpf Soft Reset
CVSS 7.8
CVE-2024-44944 MEDIUM
Linux Kernel - Use-After-Free in Netfilter Expectation Deletion
CVSS 5.5
CVE-2024-43913 MEDIUM
Linux Kernel - Use-After-Free in NVMe Apple Controller Device Reference Counting
CVSS 5.5
CVE-2024-43880 MEDIUM
Linux Kernel - Use-After-Free in mlxsw Spectrum ACL ERP Object Aggregation
CVSS 5.5
CVE-2024-43871 MEDIUM
Linux Kernel - Use-After-Free in devm_free_percpu
CVSS 5.5
CVE-2024-43870 MEDIUM
Linux Kernel 5.15.84-5.15.165 - Use-After-Free via Task Work Event Leak
CVSS 5.5
CVE-2024-43869 MEDIUM
Linux Kernel 5.15.84-5.15.165 - Use-After-Free in perf_event_exit_event
CVSS 5.5
Details
Vulnerabilities 1,753
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits