Common Weakness Enumeration

CWE-401

Allowed

Missing Release of Memory after Effective Lifetime

Abstraction: Variant · Status: Draft

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

2002 vulnerabilities reference this CWE, most recent first.

GHSA-J4J9-J24X-79RM

Vulnerability from github – Published: 2025-06-18 12:30 – Updated: 2025-11-18 18:32
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/hfi1: fix potential memory leak in setup_base_ctxt()

setup_base_ctxt() allocates a memory chunk for uctxt->groups with hfi1_alloc_ctxt_rcv_groups(). When init_user_ctxt() fails, uctxt->groups is not released, which will lead to a memory leak.

We should release the uctxt->groups with hfi1_free_ctxt_rcv_groups() when init_user_ctxt() fails.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-50134"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-18T11:15:43Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hfi1: fix potential memory leak in setup_base_ctxt()\n\nsetup_base_ctxt() allocates a memory chunk for uctxt-\u003egroups with\nhfi1_alloc_ctxt_rcv_groups(). When init_user_ctxt() fails, uctxt-\u003egroups\nis not released, which will lead to a memory leak.\n\nWe should release the uctxt-\u003egroups with hfi1_free_ctxt_rcv_groups()\nwhen init_user_ctxt() fails.",
  "id": "GHSA-j4j9-j24x-79rm",
  "modified": "2025-11-18T18:32:46Z",
  "published": "2025-06-18T12:30:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50134"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1750be1e9f18787cf717c24dbc5fa029fc372a22"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2f90813f1c21c3d780585390af961bd17c8515ae"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/90ef48a718f88935d4af53d7dadd1ceafe103ce6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a85c7dd1edadcdeca24e603a6618153a3bcc81ca"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a9055dfe437efae77e28e57205437c878a03ccb7"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/aa2a1df3a2c85f855af7d54466ac10bd48645d63"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e25b828553aecb3185a8d8d0c4f9b4e133fb5db6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fc4de8009fd6c2ca51986c6757efa964040e7d02"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J4JV-9RJV-H6JM

Vulnerability from github – Published: 2022-05-24 17:45 – Updated: 2022-05-24 17:45
VLAI
Details

A flaw was found in Privoxy in versions before 3.0.29. Memory leak in the show-status CGI handler when no filter files are configured can lead to a system crash.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-20210"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-03-25T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "A flaw was found in Privoxy in versions before 3.0.29. Memory leak in the show-status CGI handler when no filter files are configured can lead to a system crash.",
  "id": "GHSA-j4jv-9rjv-h6jm",
  "modified": "2022-05-24T17:45:22Z",
  "published": "2022-05-24T17:45:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20210"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928729"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202107-16"
    },
    {
      "type": "WEB",
      "url": "https://www.privoxy.org/3.0.29/user-manual/whatsnew.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-J546-3M5X-FX7P

Vulnerability from github – Published: 2022-05-24 19:09 – Updated: 2022-05-24 19:09
VLAI
Details

In Eclipse Mosquitto version 1.6 to 2.0.10, if an authenticated client that had connected with MQTT v5 sent a crafted CONNECT message to the broker a memory leak would occur, which could be used to provide a DoS attack against the broker.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-34431"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-07-22T14:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In Eclipse Mosquitto version 1.6 to 2.0.10, if an authenticated client that had connected with MQTT v5 sent a crafted CONNECT message to the broker a memory leak would occur, which could be used to provide a DoS attack against the broker.",
  "id": "GHSA-j546-3m5x-fx7p",
  "modified": "2022-05-24T19:09:00Z",
  "published": "2022-05-24T19:09:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34431"
    },
    {
      "type": "WEB",
      "url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=573191"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-J58X-5M9C-F2G5

Vulnerability from github – Published: 2022-05-24 17:01 – Updated: 2024-03-21 03:33
VLAI
Details

A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering ida_simple_get() failure, aka CID-4aa7afb0ee20.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-19046"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-11-18T06:15:00Z",
    "severity": "HIGH"
  },
  "details": "A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering ida_simple_get() failure, aka CID-4aa7afb0ee20.",
  "id": "GHSA-j58x-5m9c-f2g5",
  "modified": "2024-03-21T03:33:42Z",
  "published": "2022-05-24T17:01:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19046"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/4aa7afb0ee20a97fbf0c5bab3df028d5fb85fdab"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1157304"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4302-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4319-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4325-1"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J5JQ-R673-59H3

Vulnerability from github – Published: 2026-05-08 15:31 – Updated: 2026-05-21 21:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/xe/sync: Fix user fence leak on alloc failure

When dma_fence_chain_alloc() fails, properly release the user fence reference to prevent a memory leak.

(cherry picked from commit a5d5634cde48a9fcd68c8504aa07f89f175074a0)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-43396"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-08T15:16:51Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/sync: Fix user fence leak on alloc failure\n\nWhen dma_fence_chain_alloc() fails, properly release the user fence\nreference to prevent a memory leak.\n\n(cherry picked from commit a5d5634cde48a9fcd68c8504aa07f89f175074a0)",
  "id": "GHSA-j5jq-r673-59h3",
  "modified": "2026-05-21T21:30:29Z",
  "published": "2026-05-08T15:31:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43396"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/05edc78eb4699e8e000a62aaa8dace50a17e19e3"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0879c3f04f67e2a1677c25dcc24669ce21eb6a6c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f8f90b33934b307f6e4599b9fae38aa1ee5441a7"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J6C4-9599-77V8

Vulnerability from github – Published: 2022-05-24 19:02 – Updated: 2022-06-29 00:00
VLAI
Details

An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in dwg_decode_eed ../../src/decode.c:3638.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-21839"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401",
      "CWE-404"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-05-17T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in dwg_decode_eed ../../src/decode.c:3638.",
  "id": "GHSA-j6c4-9599-77v8",
  "modified": "2022-06-29T00:00:30Z",
  "published": "2022-05-24T19:02:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-21839"
    },
    {
      "type": "WEB",
      "url": "https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574492707"
    },
    {
      "type": "WEB",
      "url": "https://cwe.mitre.org/data/definitions/401.html"
    },
    {
      "type": "WEB",
      "url": "http://gnu.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J6H2-WR53-6VCG

Vulnerability from github – Published: 2026-02-18 18:30 – Updated: 2026-06-02 15:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection()

On kthread_run() failure in ksmbd_tcp_new_connection(), the transport is freed via free_transport(), which does not decrement active_num_conn, leaking this counter.

Replace free_transport() with ksmbd_tcp_disconnect().

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-23228"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-18T16:22:32Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection()\n\nOn kthread_run() failure in ksmbd_tcp_new_connection(), the transport is\nfreed via free_transport(), which does not decrement active_num_conn,\nleaking this counter.\n\nReplace free_transport() with ksmbd_tcp_disconnect().",
  "id": "GHSA-j6h2-wr53-6vcg",
  "modified": "2026-06-02T15:31:53Z",
  "published": "2026-02-18T18:30:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23228"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-253495.html"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/599271110c35f6b16e2e4e45b9fbd47ed378c982"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6dd2645cf080a75be31fa66063c7332b291f46f0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/77ffbcac4e569566d0092d5f22627dfc0896b553"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/787769c8cc50416af7b8b1a36e6bcd6aaa7680aa"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7ddd69cd1338c6197e1b6b19cec60d99c8633e4f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/baf664fc90a6139a39a58333e4aaa390c10d45dc"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cd25e0d809531a67e9dd53b19012d27d2b13425f"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J6JV-RR9G-Q9J6

Vulnerability from github – Published: 2022-05-24 19:03 – Updated: 2022-05-24 19:03
VLAI
Details

A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak at the fifo_alloc_common function in libavutil/fifo.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-22043"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-06-01T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak at the fifo_alloc_common function in libavutil/fifo.c.",
  "id": "GHSA-j6jv-rr9g-q9j6",
  "modified": "2022-05-24T19:03:41Z",
  "published": "2022-05-24T19:03:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-22043"
    },
    {
      "type": "WEB",
      "url": "https://trac.ffmpeg.org/ticket/8284"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-J6Q7-JCX4-9HR4

Vulnerability from github – Published: 2026-03-25 12:30 – Updated: 2026-07-14 15:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah()

struct irdma_create_ah_resp { // 8 bytes, no padding __u32 ah_id; // offset 0 - SET (uresp.ah_id = ah->sc_ah.ah_info.ah_idx) __u8 rsvd[4]; // offset 4 - NEVER SET <- LEAK };

rsvd[4]: 4 bytes of stack memory leaked unconditionally. Only ah_id is assigned before ib_respond_udata().

The reserved members of the structure were not zeroed.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-23335"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-25T11:16:31Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Fix kernel stack leak in irdma_create_user_ah()\n\nstruct irdma_create_ah_resp {  // 8 bytes, no padding\n    __u32 ah_id;               // offset 0 - SET (uresp.ah_id = ah-\u003esc_ah.ah_info.ah_idx)\n    __u8  rsvd[4];             // offset 4 - NEVER SET \u003c- LEAK\n};\n\nrsvd[4]: 4 bytes of stack memory leaked unconditionally. Only ah_id is assigned before ib_respond_udata().\n\nThe reserved members of the structure were not zeroed.",
  "id": "GHSA-j6q7-jcx4-9hr4",
  "modified": "2026-07-14T15:31:41Z",
  "published": "2026-03-25T12:30:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23335"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-019113.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/14b47c07c69930254f549a17ee245c80a65b1609"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1b1fac4c7a3ab7f52e9cfb91e5c91216646ca4d8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1f70df004fdd944653013ccc2e1dfd472a693b46"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2fd37450d271d74b3847baed284f9cfdf198c6f8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/74586c6da9ea222a61c98394f2fc0a604748438c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c9bd0007c4bdb7806bbd323287e50f9cf467c51a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cfe962216c164fe2b1c1fb6ac925a7413f5abc84"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J6V9-29XF-J8Q4

Vulnerability from github – Published: 2022-05-24 17:19 – Updated: 2024-04-04 02:51
VLAI
Details

A vulnerability in the locally significant certificate (LSC) provisioning feature of Cisco Catalyst 9800 Series Wireless Controllers that are running Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak that could lead to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain public key infrastructure (PKI) packets. An attacker could exploit this vulnerability by sending crafted Secure Sockets Layer (SSL) packets to an affected device. A successful exploit could cause an affected device to continuously consume memory, which could result in a memory allocation failure that leads to a crash and causes a DoS condition.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-3203"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400",
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-06-03T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the locally significant certificate (LSC) provisioning feature of Cisco Catalyst 9800 Series Wireless Controllers that are running Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak that could lead to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain public key infrastructure (PKI) packets. An attacker could exploit this vulnerability by sending crafted Secure Sockets Layer (SSL) packets to an affected device. A successful exploit could cause an affected device to continuously consume memory, which could result in a memory allocation failure that leads to a crash and causes a DoS condition.",
  "id": "GHSA-j6v9-29xf-j8q4",
  "modified": "2024-04-04T02:51:32Z",
  "published": "2022-05-24T17:19:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3203"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-ewlc-dos-TkuPVmZN"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-41
Implementation

Strategy: Libraries or Frameworks

  • Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
  • For example, glibc in Linux provides protection against free of invalid pointers.
  • When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
  • To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Architecture and Design

Use an abstraction library to abstract away risky APIs. Not a complete solution.

Mitigation
Architecture and Design Build and Compilation

Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.

No CAPEC attack patterns related to this CWE.