CWE-401
AllowedMissing Release of Memory after Effective Lifetime
Abstraction: Variant · Status: Draft
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
2002 vulnerabilities reference this CWE, most recent first.
GHSA-P52C-CC2G-5F23
Vulnerability from github – Published: 2024-12-27 15:31 – Updated: 2025-10-08 15:32In the Linux kernel, the following vulnerability has been resolved:
xsk: Free skb when TX metadata options are invalid
When a new skb is allocated for transmitting an xsk descriptor, i.e., for every non-multibuf descriptor or the first frag of a multibuf descriptor, but the descriptor is later found to have invalid options set for the TX metadata, the new skb is never freed. This can leak skbs until the send buffer is full which makes sending more packets impossible.
Fix this by freeing the skb in the error path if we are currently dealing with the first frag, i.e., an skb allocated in this iteration of xsk_build_skb.
{
"affected": [],
"aliases": [
"CVE-2024-53236"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-27T14:15:32Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: Free skb when TX metadata options are invalid\n\nWhen a new skb is allocated for transmitting an xsk descriptor, i.e., for\nevery non-multibuf descriptor or the first frag of a multibuf descriptor,\nbut the descriptor is later found to have invalid options set for the TX\nmetadata, the new skb is never freed. This can leak skbs until the send\nbuffer is full which makes sending more packets impossible.\n\nFix this by freeing the skb in the error path if we are currently dealing\nwith the first frag, i.e., an skb allocated in this iteration of\nxsk_build_skb.",
"id": "GHSA-p52c-cc2g-5f23",
"modified": "2025-10-08T15:32:25Z",
"published": "2024-12-27T15:31:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53236"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0c0d0f42ffa6ac94cd79893b7ed419c15e1b45de"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7f0d0dd5a7f437d83cff954bc321f1a9b181efd5"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d5d346deb65efa8453f8481bcea75c1a590439e7"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P535-JVV7-F34M
Vulnerability from github – Published: 2022-05-13 01:22 – Updated: 2022-05-13 01:22An issue has been found in libIEC61850 v1.3.1. Memory_malloc in hal/memory/lib_memory.c has a memory leak when called from Asn1PrimitiveValue_create in mms/asn1/asn1_ber_primitive_value.c, as demonstrated by goose_publisher_example.c and iec61850_9_2_LE_example.c.
{
"affected": [],
"aliases": [
"CVE-2019-6135"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-01-11T17:29:00Z",
"severity": "HIGH"
},
"details": "An issue has been found in libIEC61850 v1.3.1. Memory_malloc in hal/memory/lib_memory.c has a memory leak when called from Asn1PrimitiveValue_create in mms/asn1/asn1_ber_primitive_value.c, as demonstrated by goose_publisher_example.c and iec61850_9_2_LE_example.c.",
"id": "GHSA-p535-jvv7-f34m",
"modified": "2022-05-13T01:22:35Z",
"published": "2022-05-13T01:22:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6135"
},
{
"type": "WEB",
"url": "https://github.com/mz-automation/libiec61850/issues/103"
},
{
"type": "WEB",
"url": "https://github.com/mz-automation/libiec61850/issues/104"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P53F-PM5M-WPJ7
Vulnerability from github – Published: 2021-12-26 00:00 – Updated: 2022-01-05 00:01In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889.
{
"affected": [],
"aliases": [
"CVE-2021-45481"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-25T01:15:00Z",
"severity": "MODERATE"
},
"details": "In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889.",
"id": "GHSA-p53f-pm5m-wpj7",
"modified": "2022-01-05T00:01:43Z",
"published": "2021-12-26T00:00:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45481"
},
{
"type": "WEB",
"url": "https://github.com/ChijinZ/security_advisories/tree/master/webkitgtk-2.32.3"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/01/21/2"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-P54V-5QQX-FV5F
Vulnerability from github – Published: 2022-05-13 01:23 – Updated: 2022-05-13 01:23In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), which will cause a memory leak (aka refcount leak). Finally, this will cause a denial of service.
{
"affected": [],
"aliases": [
"CVE-2019-9857"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-03-21T16:01:00Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), which will cause a memory leak (aka refcount leak). Finally, this will cause a denial of service.",
"id": "GHSA-p54v-5qqx-fv5f",
"modified": "2022-05-13T01:23:07Z",
"published": "2022-05-13T01:23:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9857"
},
{
"type": "WEB",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs.git/commit/?h=fsnotify\u0026id=62c9d2674b31d4c8a674bee86b7edc6da2803aea"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXLZ2V2ES37A3J7DMK4MZYIWV2LEZFLM"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PPH3B7FJOMWD5JWUPZKB6T44KNT4PX2L"
},
{
"type": "WEB",
"url": "https://patchwork.kernel.org/patch/10836283"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20190404-0002"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/107527"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P565-X5FX-43J3
Vulnerability from github – Published: 2024-05-01 15:30 – Updated: 2024-10-29 21:30In the Linux kernel, the following vulnerability has been resolved:
powerpc/pseries: Fix potential memleak in papr_get_attr()
buf is allocated in papr_get_attr(), and krealloc() of buf
could fail. We need to free the original buf in the case of failure.
{
"affected": [],
"aliases": [
"CVE-2022-48669"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-01T13:15:48Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries: Fix potential memleak in papr_get_attr()\n\n`buf` is allocated in papr_get_attr(), and krealloc() of `buf`\ncould fail. We need to free the original `buf` in the case of failure.",
"id": "GHSA-p565-x5fx-43j3",
"modified": "2024-10-29T21:30:45Z",
"published": "2024-05-01T15:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48669"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1699fb915b9f61794d559b55114c09a390aaf234"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7f7d39fe3d80d6143404940b2413010cf6527029"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a3f22feb2220a945d1c3282e34199e8bcdc5afc4"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cda9c0d556283e2d4adaa9960b2dc19b16156bae"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d0647c3e81eff62b66d46fd4e475318cb8cb3610"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P574-W2VR-CGV8
Vulnerability from github – Published: 2025-05-01 15:31 – Updated: 2025-11-12 18:31In the Linux kernel, the following vulnerability has been resolved:
RDMA/rxe: Fix mr leak in RESPST_ERR_RNR
rxe_recheck_mr() will increase mr's ref_cnt, so we should call rxe_put(mr) to drop mr's ref_cnt in RESPST_ERR_RNR to avoid below warning:
WARNING: CPU: 0 PID: 4156 at drivers/infiniband/sw/rxe/rxe_pool.c:259 __rxe_cleanup+0x1df/0x240 [rdma_rxe] ... Call Trace: rxe_dereg_mr+0x4c/0x60 [rdma_rxe] ib_dereg_mr_user+0xa8/0x200 [ib_core] ib_mr_pool_destroy+0x77/0xb0 [ib_core] nvme_rdma_destroy_queue_ib+0x89/0x240 [nvme_rdma] nvme_rdma_free_queue+0x40/0x50 [nvme_rdma] nvme_rdma_teardown_io_queues.part.0+0xc3/0x120 [nvme_rdma] nvme_rdma_error_recovery_work+0x4d/0xf0 [nvme_rdma] process_one_work+0x582/0xa40 ? pwq_dec_nr_in_flight+0x100/0x100 ? rwlock_bug.part.0+0x60/0x60 worker_thread+0x2a9/0x700 ? process_one_work+0xa40/0xa40 kthread+0x168/0x1a0 ? kthread_complete_and_exit+0x20/0x20 ret_from_fork+0x22/0x30
{
"affected": [],
"aliases": [
"CVE-2022-49929"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-01T15:16:18Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix mr leak in RESPST_ERR_RNR\n\nrxe_recheck_mr() will increase mr\u0027s ref_cnt, so we should call rxe_put(mr)\nto drop mr\u0027s ref_cnt in RESPST_ERR_RNR to avoid below warning:\n\n WARNING: CPU: 0 PID: 4156 at drivers/infiniband/sw/rxe/rxe_pool.c:259 __rxe_cleanup+0x1df/0x240 [rdma_rxe]\n...\n Call Trace:\n rxe_dereg_mr+0x4c/0x60 [rdma_rxe]\n ib_dereg_mr_user+0xa8/0x200 [ib_core]\n ib_mr_pool_destroy+0x77/0xb0 [ib_core]\n nvme_rdma_destroy_queue_ib+0x89/0x240 [nvme_rdma]\n nvme_rdma_free_queue+0x40/0x50 [nvme_rdma]\n nvme_rdma_teardown_io_queues.part.0+0xc3/0x120 [nvme_rdma]\n nvme_rdma_error_recovery_work+0x4d/0xf0 [nvme_rdma]\n process_one_work+0x582/0xa40\n ? pwq_dec_nr_in_flight+0x100/0x100\n ? rwlock_bug.part.0+0x60/0x60\n worker_thread+0x2a9/0x700\n ? process_one_work+0xa40/0xa40\n kthread+0x168/0x1a0\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x22/0x30",
"id": "GHSA-p574-w2vr-cgv8",
"modified": "2025-11-12T18:31:03Z",
"published": "2025-05-01T15:31:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49929"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/50b35ad2864a9d66f802f9ce193d99bbef64e219"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b5f9a01fae42684648c2ee3cd9985f80c67ab9f7"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P5RP-G3GQ-57JQ
Vulnerability from github – Published: 2021-12-26 00:00 – Updated: 2022-03-17 00:06An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the __rds_conn_create() function in net/rds/connection.c in a certain combination of circumstances.
{
"affected": [],
"aliases": [
"CVE-2021-45480"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-24T23:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the __rds_conn_create() function in net/rds/connection.c in a certain combination of circumstances.",
"id": "GHSA-p5rp-g3gq-57jq",
"modified": "2022-03-17T00:06:23Z",
"published": "2021-12-26T00:00:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45480"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/5f9562ebe710c307adc5f666bf1a2162ee7977c0"
},
{
"type": "WEB",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.11"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2022/dsa-5050"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2022/dsa-5096"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P62F-HVR2-5W5F
Vulnerability from github – Published: 2022-05-24 17:21 – Updated: 2022-09-03 00:00ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file.
{
"affected": [],
"aliases": [
"CVE-2020-15025"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-06-24T19:15:00Z",
"severity": "MODERATE"
},
"details": "ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file.",
"id": "GHSA-p62f-hvr2-5w5f",
"modified": "2022-09-03T00:00:24Z",
"published": "2022-05-24T17:21:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15025"
},
{
"type": "WEB",
"url": "https://bugs.gentoo.org/729458"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202007-12"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20200702-0002"
},
{
"type": "WEB",
"url": "https://support.ntp.org/bin/view/Main/NtpBug3661"
},
{
"type": "WEB",
"url": "https://support.ntp.org/bin/view/Main/SecurityNotice#June_2020_ntp_4_2_8p15_NTP_Relea"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00044.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P665-3XC8-4HRV
Vulnerability from github – Published: 2022-05-24 17:20 – Updated: 2022-05-24 17:20Memory leaks were discovered in the CoAP library in Arm Mbed OS 5.15.3 when using the Arm mbed-coap library 5.1.5. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses the CoAP option number field of all options present in the input packet. Each option number is calculated as a sum of the previous option number and a delta of the current option. The delta and the previous option number are expressed as unsigned 16-bit integers. Due to lack of overflow detection, it is possible to craft a packet that wraps the option number around and results in the same option number being processed again in a single packet. Certain options allocate memory by calling a memory allocation function. In the cases of COAP_OPTION_URI_QUERY, COAP_OPTION_URI_PATH, COAP_OPTION_LOCATION_QUERY, and COAP_OPTION_ETAG, there is no check on whether memory has already been allocated, which in conjunction with the option number integer overflow may lead to multiple assignments of allocated memory to a single pointer. This has been demonstrated to lead to memory leak by buffer orphaning. As a result, the memory is never freed.
{
"affected": [],
"aliases": [
"CVE-2020-12887"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-06-18T19:15:00Z",
"severity": "MODERATE"
},
"details": "Memory leaks were discovered in the CoAP library in Arm Mbed OS 5.15.3 when using the Arm mbed-coap library 5.1.5. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses the CoAP option number field of all options present in the input packet. Each option number is calculated as a sum of the previous option number and a delta of the current option. The delta and the previous option number are expressed as unsigned 16-bit integers. Due to lack of overflow detection, it is possible to craft a packet that wraps the option number around and results in the same option number being processed again in a single packet. Certain options allocate memory by calling a memory allocation function. In the cases of COAP_OPTION_URI_QUERY, COAP_OPTION_URI_PATH, COAP_OPTION_LOCATION_QUERY, and COAP_OPTION_ETAG, there is no check on whether memory has already been allocated, which in conjunction with the option number integer overflow may lead to multiple assignments of allocated memory to a single pointer. This has been demonstrated to lead to memory leak by buffer orphaning. As a result, the memory is never freed.",
"id": "GHSA-p665-3xc8-4hrv",
"modified": "2022-05-24T17:20:51Z",
"published": "2022-05-24T17:20:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12887"
},
{
"type": "WEB",
"url": "https://github.com/ARMmbed/mbed-os/issues/12930"
},
{
"type": "WEB",
"url": "https://github.com/ARMmbed/mbed-os/issues/12957"
},
{
"type": "WEB",
"url": "https://github.com/ARMmbed/mbed-coap/pull/116"
},
{
"type": "WEB",
"url": "https://github.com/mjurczak/mbed-coap/commit/4647a68e364401e81dbd370728127d844f221d93"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-P6XH-5J4Q-M59X
Vulnerability from github – Published: 2025-10-01 12:30 – Updated: 2026-01-20 18:31In the Linux kernel, the following vulnerability has been resolved:
wifi: mt76: mt7915: fix memory leak in mt7915_mcu_exit
Always purge mcu skb queues in mt7915_mcu_exit routine even if mt7915_firmware_state fails.
{
"affected": [],
"aliases": [
"CVE-2023-53466"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-01T12:15:48Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7915: fix memory leak in mt7915_mcu_exit\n\nAlways purge mcu skb queues in mt7915_mcu_exit routine even if\nmt7915_firmware_state fails.",
"id": "GHSA-p6xh-5j4q-m59x",
"modified": "2026-01-20T18:31:51Z",
"published": "2025-10-01T12:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53466"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3095fe1e1d3198e62a3c7116c4cf7c734871475f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/49bd78282e79ad177d14f37f4049f0605bf92dad"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4cbb876153b63fe248200f734069c6881cf97722"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-41
Strategy: Libraries or Frameworks
- Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
- For example, glibc in Linux provides protection against free of invalid pointers.
- When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
- To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Use an abstraction library to abstract away risky APIs. Not a complete solution.
Mitigation
Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.
No CAPEC attack patterns related to this CWE.