Vulnerabilities > Improper Release of Memory Before Removing Last Reference ('Memory Leak')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-08 | CVE-2024-43696 | Memory Leak vulnerability in Openatom Openharmony in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS by memory leak. | 5.5 |
| 2024-09-18 | CVE-2024-46779 | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Free pvr_vm_gpuva after unlink This caused a measurable memory leak. | 5.5 |
| 2024-09-11 | CVE-2024-20304 | Memory Leak vulnerability in Cisco IOS XR A vulnerability in the multicast traceroute version 2 (Mtrace2) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust the UDP packet memory of an affected device. This vulnerability exists because the Mtrace2 code does not properly handle packet memory. | 7.5 |
| 2024-09-05 | CVE-2024-7884 | Memory Leak vulnerability in Dfinity Canister Developer KIT for the Internet Computer When a canister method is called via ic_cdk::call* , a new Future CallFuture is created and can be awaited by the caller to get the execution result. | 7.5 |
| 2024-09-04 | CVE-2024-44979 | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix missing workqueue destroy in xe_gt_pagefault On driver reload we never free up the memory for the pagefault and access counter workqueues. | 5.5 |
| 2024-09-04 | CVE-2024-44964 | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leaks and crashes while performing a soft reset The second tagged commit introduced a UAF, as it removed restoring q_vector->vport pointers after reinitializating the structures. This is due to that all queue allocation functions are performed here with the new temporary vport structure and those functions rewrite the backpointers to the vport. | 7.8 |
| 2024-09-04 | CVE-2024-44969 | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Prevent release of buffer in I/O When a task waiting for completion of a Store Data operation is interrupted, an attempt is made to halt this operation. | 5.5 |
| 2024-09-04 | CVE-2024-44971 | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() bcm_sf2_mdio_register() calls of_phy_find_device() and then phy_device_remove() in a loop to remove existing PHY devices. of_phy_find_device() eventually calls bus_find_device(), which calls get_device() on the returned struct device * to increment the refcount. The current implementation does not decrement the refcount, which causes memory leak. This commit adds the missing phy_device_free() call to decrement the refcount via put_device() to balance the refcount. | 5.5 |
| 2024-08-30 | CVE-2024-44944 | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID Delete expectation path is missing a call to the nf_expect_get_id() helper function to calculate the expectation ID, otherwise LSB of the expectation object address is leaked to userspace. | 5.5 |
| 2024-08-26 | CVE-2024-43913 | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: nvme: apple: fix device reference counting Drivers must call nvme_uninit_ctrl after a successful nvme_init_ctrl. Split the allocation side out to make the error handling boundary easier to navigate. | 5.5 |