Vulnerabilities > Improper Release of Memory Before Removing Last Reference ('Memory Leak')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-21 | CVE-2024-47677 | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: exfat: resolve memory leak from exfat_create_upcase_table() If exfat_load_upcase_table reaches end and returns -EINVAL, allocated memory doesn't get freed and while exfat_load_default_upcase_table allocates more memory, leading to a memory leak. Here's link to syzkaller crash report illustrating this issue: https://syzkaller.appspot.com/text?tag=CrashReport&x=1406c201980000 | 5.5 |
| 2024-10-11 | CVE-2024-47493 | A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of the Juniper Networks Junos OS on the MX Series platforms with Trio-based FPCs allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). In case of channelized Modular Interface Cards (MICs), every physical interface flap operation will leak heap memory. low complexity CWE-401 | 6.5 |
| 2024-10-08 | CVE-2024-8626 | Memory Leak vulnerability in Rockwellautomation products Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. | 7.5 |
| 2024-10-08 | CVE-2024-43696 | Memory Leak vulnerability in Openatom Openharmony in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS by memory leak. | 5.5 |
| 2024-09-18 | CVE-2024-46779 | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Free pvr_vm_gpuva after unlink This caused a measurable memory leak. | 5.5 |
| 2024-09-11 | CVE-2024-20304 | Memory Leak vulnerability in Cisco IOS XR A vulnerability in the multicast traceroute version 2 (Mtrace2) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust the UDP packet memory of an affected device. This vulnerability exists because the Mtrace2 code does not properly handle packet memory. | 7.5 |
| 2024-09-05 | CVE-2024-7884 | Memory Leak vulnerability in Dfinity Canister Developer KIT for the Internet Computer When a canister method is called via ic_cdk::call* , a new Future CallFuture is created and can be awaited by the caller to get the execution result. | 7.5 |
| 2024-09-04 | CVE-2024-44979 | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix missing workqueue destroy in xe_gt_pagefault On driver reload we never free up the memory for the pagefault and access counter workqueues. | 5.5 |
| 2024-09-04 | CVE-2024-44964 | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leaks and crashes while performing a soft reset The second tagged commit introduced a UAF, as it removed restoring q_vector->vport pointers after reinitializating the structures. This is due to that all queue allocation functions are performed here with the new temporary vport structure and those functions rewrite the backpointers to the vport. | 7.8 |
| 2024-09-04 | CVE-2024-44969 | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Prevent release of buffer in I/O When a task waiting for completion of a Store Data operation is interrupted, an attempt is made to halt this operation. | 5.5 |