Vulnerabilities > Improper Release of Memory Before Removing Last Reference ('Memory Leak')

DATE CVE VULNERABILITY TITLE RISK
2024-10-21 CVE-2024-49870 Memory Leak vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix dentry leak in cachefiles_open_file() A dentry leak may be caused when a lookup cookie and a cull are concurrent: P1 | P2 ----------------------------------------------------------- cachefiles_lookup_cookie cachefiles_look_up_object lookup_one_positive_unlocked // get dentry cachefiles_cull inode->i_flags |= S_KERNEL_FILE; cachefiles_open_file cachefiles_mark_inode_in_use __cachefiles_mark_inode_in_use can_use = false if (!(inode->i_flags & S_KERNEL_FILE)) can_use = true return false return false // Returns an error but doesn't put dentry After that the following WARNING will be triggered when the backend folder is umounted: ================================================================== BUG: Dentry 000000008ad87947{i=7a,n=Dx_1_1.img} still in use (1) [unmount of ext4 sda] WARNING: CPU: 4 PID: 359261 at fs/dcache.c:1767 umount_check+0x5d/0x70 CPU: 4 PID: 359261 Comm: umount Not tainted 6.6.0-dirty #25 RIP: 0010:umount_check+0x5d/0x70 Call Trace: <TASK> d_walk+0xda/0x2b0 do_one_tree+0x20/0x40 shrink_dcache_for_umount+0x2c/0x90 generic_shutdown_super+0x20/0x160 kill_block_super+0x1a/0x40 ext4_kill_sb+0x22/0x40 deactivate_locked_super+0x35/0x80 cleanup_mnt+0x104/0x160 ================================================================== Whether cachefiles_open_file() returns true or false, the reference count obtained by lookup_positive_unlocked() in cachefiles_look_up_object() should be released. Therefore release that reference count in cachefiles_look_up_object() to fix the above issue and simplify the code.
local
low complexity
linux CWE-401
5.5
2024-10-21 CVE-2024-49975 Memory Leak vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: uprobes: fix kernel info leak via "[uprobes]" vma xol_add_vma() maps the uninitialized page allocated by __create_xol_area() into userspace.
local
low complexity
linux CWE-401
5.5
2024-10-21 CVE-2024-47677 Memory Leak vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: exfat: resolve memory leak from exfat_create_upcase_table() If exfat_load_upcase_table reaches end and returns -EINVAL, allocated memory doesn't get freed and while exfat_load_default_upcase_table allocates more memory, leading to a memory leak. Here's link to syzkaller crash report illustrating this issue: https://syzkaller.appspot.com/text?tag=CrashReport&x=1406c201980000
local
low complexity
linux CWE-401
5.5
2024-10-11 CVE-2024-47493 A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of the Juniper Networks Junos OS on the MX Series platforms with Trio-based FPCs allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). In case of channelized Modular Interface Cards (MICs), every physical interface flap operation will leak heap memory.
low complexity
CWE-401
6.5
2024-10-08 CVE-2024-43696 Memory Leak vulnerability in Openatom Openharmony
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS by memory leak.
local
low complexity
openatom CWE-401
5.5
2024-09-18 CVE-2024-46779 Memory Leak vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Free pvr_vm_gpuva after unlink This caused a measurable memory leak.
local
low complexity
linux CWE-401
5.5
2024-09-11 CVE-2024-20304 Memory Leak vulnerability in Cisco IOS XR
A vulnerability in the multicast traceroute version 2 (Mtrace2) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust the UDP packet memory of an affected device. This vulnerability exists because the Mtrace2 code does not properly handle packet memory.
network
low complexity
cisco CWE-401
7.5
2024-09-05 CVE-2024-7884 Memory Leak vulnerability in Dfinity Canister Developer KIT for the Internet Computer
When a canister method is called via ic_cdk::call* , a new Future CallFuture is created and can be awaited by the caller to get the execution result.
network
low complexity
dfinity CWE-401
7.5
2024-09-04 CVE-2024-44979 Memory Leak vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix missing workqueue destroy in xe_gt_pagefault On driver reload we never free up the memory for the pagefault and access counter workqueues.
local
low complexity
linux CWE-401
5.5
2024-09-04 CVE-2024-44964 Memory Leak vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leaks and crashes while performing a soft reset The second tagged commit introduced a UAF, as it removed restoring q_vector->vport pointers after reinitializating the structures. This is due to that all queue allocation functions are performed here with the new temporary vport structure and those functions rewrite the backpointers to the vport.
local
low complexity
linux CWE-401
7.8