CWE-401

Medium likelihood

Missing Release of Memory after Effective Lifetime

Parent: CWE-772 - Missing Release of Resource after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

1,753 vulnerabilities with CWE-401
CVE-2024-39539 MEDIUM
Juniper Junos OS MX Series DoS via Subscriber Login Memory Leak
CVSS 5.3
CVE-2024-39536 MEDIUM
Juniper Junos OS & Evolved < 21.2R3-S8 - DoS via BFD Session Auth Flap
CVSS 5.3
CVE-2024-39493 MEDIUM
Linux Kernel - Use-After-Free in ADF_DEV_RESET_SYNC
CVSS 5.5
CVE-2024-39490 MEDIUM
Linux Kernel 4.12-5.15.161 5.16-6.1.93 6.2-6.6.33 6.7-6.9.4 - Use-After-Free in seg6_input_core
CVSS 6.2
CVE-2024-39489 MEDIUM
Linux Kernel 4.10-6.9.3 - Use-After-Free in seg6_hmac_init_algo
CVSS 5.5
CVE-2024-3653 MEDIUM
Undertow 2.3.0.Alpha1-2.3.15.Final - Use-After-Free in Learning-Push Handler
CVSS 5.3
CVE-2024-38632 MEDIUM
Linux Kernel - Use-After-Free in vfio_intx_enable()
CVSS 5.5
CVE-2024-38388 LOW
Linux Kernel 6.0-6.1.92, 6.2-6.6.32, 6.7-6.9.3 - Use-After-Free in ALSA HD Audio DSP Control
CVSS 3.3
CVE-2024-38611 MEDIUM
Linux Kernel 4.11-6.9.3 - Use-After-Free in et8ek8 I2C Driver
CVSS 5.5
CVE-2024-38603 MEDIUM
Linux Kernel 6.0-6.1.92, 6.2-6.6.32, 6.7-6.8.11, 6.9-6.9.2 - Use-After-Free in PCI IRQ Vector Allocation
CVSS 5.5
CVE-2024-38563 MEDIUM
Linux Kernel 6.8-6.8.11, 6.9-6.9.2 - Use-After-Free in mt7996 Chip Temperature Reading
CVSS 5.5
CVE-2024-38539 MEDIUM
Linux Kernel 6.6-6.6.32, 6.7-6.8.11, 6.9-6.9.2 - Use-After-Free in RDMA/cma GID Attribute Handling
CVSS 5.5
CVE-2024-36967 MEDIUM
Linux Kernel 5.13-5.15.159, 5.16-6.1.91, 6.2-6.6.31, 6.7-6.8.10, 6.9-6.9.1 - Use-After-Free in tpm2_key_encode()
CVSS 5.5
CVE-2024-36954 MEDIUM
Linux Kernel - Use-After-Free in TIPC Buffer Append
CVSS 5.5
CVE-2024-36947 MEDIUM
Linux Kernel 5.13-5.15.158, 5.16-6.1.90, 6.2-6.6.30, 6.7-6.8.9 - Use-After-Free in qibfs
CVSS 5.5
CVE-2024-36946 MEDIUM
Linux Kernel Use-After-Free in Phonet Route Notification
CVSS 5.5
CVE-2024-36945 MEDIUM
Linux Kernel 5.16-6.1.91, 6.2-6.6.31, 6.7-6.8.10 - Use-After-Free in SMC Route Resolution
CVSS 5.5
CVE-2024-36911 MEDIUM
Linux Kernel < 6.6.31, 6.7.0-6.8.10, >=6.9 - Use-After-Free in netvsc Driver
CVSS 5.5
CVE-2024-36909 MEDIUM
Linux Kernel < 6.1.91, 6.2.0-6.6.31, 6.7.0-6.8.10 - Use-After-Free in VMBus Ring Buffer Handling
CVSS 5.5
CVE-2024-5294 MEDIUM
D-Link DIR-3040 Firmware - Unauthenticated Denial-of-Service via Memory Leak in prog.cgi
CVSS 6.5
CVE-2024-4435 MEDIUM
ic-stable-structures 0.6.0-0.6.3 - Memory Leak in BTreeMap Unbounded Type Storage
CVSS 5.9
CVE-2024-35994 MEDIUM
Linux Kernel 6.7-6.8.9 - Use-After-Free in QSEECOM APP_SEND Command
CVSS 5.5
CVE-2024-35978 MEDIUM
Linux Kernel - Use-After-Free in Bluetooth HCI Request Sync Completion
CVSS 5.5
CVE-2024-35972 MEDIUM
Linux Kernel - Use-After-Free in bnxt_rdma_aux_device_init()
CVSS 5.5
CVE-2024-35956 MEDIUM
Linux Kernel 5.9.5-6.8.6 - Use-After-Free in Btrfs Qgroup
CVSS 5.5
Details
Vulnerabilities 1,753
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits