CWE-401
AllowedMissing Release of Memory after Effective Lifetime
Abstraction: Variant · Status: Draft
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
2002 vulnerabilities reference this CWE, most recent first.
GHSA-9HXM-QQG6-Q8F9
Vulnerability from github – Published: 2022-11-11 19:00 – Updated: 2022-11-16 19:00A vulnerability classified as problematic was found in GPAC. Affected by this vulnerability is the function svg_parse_preserveaspectratio of the file scenegraph/svg_attributes.c of the component SVG Parser. The manipulation leads to memory leak. The attack can be launched remotely. The name of the patch is 2191e66aa7df750e8ef01781b1930bea87b713bb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213463.
{
"affected": [],
"aliases": [
"CVE-2022-3957"
],
"database_specific": {
"cwe_ids": [
"CWE-401",
"CWE-404"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-11-11T16:15:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability classified as problematic was found in GPAC. Affected by this vulnerability is the function svg_parse_preserveaspectratio of the file scenegraph/svg_attributes.c of the component SVG Parser. The manipulation leads to memory leak. The attack can be launched remotely. The name of the patch is 2191e66aa7df750e8ef01781b1930bea87b713bb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213463.",
"id": "GHSA-9hxm-qqg6-q8f9",
"modified": "2022-11-16T19:00:31Z",
"published": "2022-11-11T19:00:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3957"
},
{
"type": "WEB",
"url": "https://github.com/gpac/gpac/commit/2191e66aa7df750e8ef01781b1930bea87b713bb"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.213463"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2023/dsa-5411"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9JVR-RF7J-CXPF
Vulnerability from github – Published: 2025-09-15 15:31 – Updated: 2025-12-03 21:30In the Linux kernel, the following vulnerability has been resolved:
PM: domains: fix memory leak with using debugfs_lookup()
When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfs_lookup_and_remove() instead which handles all of the logic at once.
{
"affected": [],
"aliases": [
"CVE-2023-53202"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-15T15:15:46Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM: domains: fix memory leak with using debugfs_lookup()\n\nWhen calling debugfs_lookup() the result must have dput() called on it,\notherwise the memory will leak over time. To make things simpler, just\ncall debugfs_lookup_and_remove() instead which handles all of the logic\nat once.",
"id": "GHSA-9jvr-rf7j-cxpf",
"modified": "2025-12-03T21:30:59Z",
"published": "2025-09-15T15:31:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53202"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0b6200e1e9f53dabdc30d0f6c51af9a5f664d32b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/543d7113c37206ed7dae7bfb0b7e50955077770e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cde67cb7d2d1757baa83271c1f0892727e79f52e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/dddc132eb0dca3969f9146ef8feac0aa542aa305"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9MR7-VQ34-QW9P
Vulnerability from github – Published: 2022-05-24 19:09 – Updated: 2022-05-24 19:09A component of the HarmonyOS has a Kernel Memory Leakage Vulnerability. Local attackers may exploit this vulnerability to cause Kernel Denial of Service.
{
"affected": [],
"aliases": [
"CVE-2021-22424"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-03T18:15:00Z",
"severity": "MODERATE"
},
"details": "A component of the HarmonyOS has a Kernel Memory Leakage Vulnerability. Local attackers may exploit this vulnerability to cause Kernel Denial of Service.",
"id": "GHSA-9mr7-vq34-qw9p",
"modified": "2022-05-24T19:09:48Z",
"published": "2022-05-24T19:09:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22424"
},
{
"type": "WEB",
"url": "https://device.harmonyos.com/cn/docs/security/update/oem_security_update_phone_202106-0000001165452077"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-9P4V-567M-9GGG
Vulnerability from github – Published: 2026-04-10 00:30 – Updated: 2026-04-10 00:30A Missing Release of Memory after Effective Lifetime vulnerability in the BroadBand Edge subscriber management daemon (bbe-smgd) of Juniper Networks Junos OS on MX Series allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS).
If the authentication packet-type option is configured and a received packet does not match that packet type, the memory leak occurs. When all memory
available to bbe-smgd has been consumed, no new subscribers will be able to login.
The memory utilization of bbe-smgd can be monitored with the following show command:
user@host> show system processes extensive | match bbe-smgd
The below log message can be observed when this limit has been reached:
bbesmgd[]: %DAEMON-3-SMD_DPROF_RSMON_ERROR: Resource unavailability, Reason: Daemon Heap Memory exhaustion
This issue affects Junos OS on MX Series: * all versions before 22.4R3-S8, * 23.2 versions before 23.2R2-S5, * 23.4 versions before 23.4R2-S6, * 24.2 versions before 24.2R2-S2, * 24.4 versions before 24.4R2, * 25.2 versions before 25.2R2.
{
"affected": [],
"aliases": [
"CVE-2026-33775"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-09T22:16:26Z",
"severity": "HIGH"
},
"details": "A Missing Release of Memory after Effective Lifetime vulnerability in the BroadBand Edge subscriber management daemon (bbe-smgd) of Juniper Networks Junos OS on MX Series allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS).\n\nIf the authentication packet-type option is configured and a received packet does not match that packet type, the memory leak occurs. When all memory \n\navailable to bbe-smgd\u00a0has been consumed, no new subscribers will be able to login.\n\nThe memory utilization of bbe-smgd can be monitored with the following show command:\n\nuser@host\u003e show system processes extensive | match bbe-smgd\n\nThe below log message can be observed when this limit has been reached:\n\nbbesmgd[\u003cPID\u003e]: %DAEMON-3-SMD_DPROF_RSMON_ERROR: Resource unavailability, Reason: Daemon Heap Memory exhaustion\n\n\nThis issue affects Junos OS on MX Series:\n * all versions before 22.4R3-S8,\n * 23.2 versions before 23.2R2-S5,\n * 23.4 versions before 23.4R2-S6,\n * 24.2 versions before 24.2R2-S2,\n * 24.4 versions before 24.4R2,\n * 25.2 versions before 25.2R2.",
"id": "GHSA-9p4v-567m-9ggg",
"modified": "2026-04-10T00:30:29Z",
"published": "2026-04-10T00:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33775"
},
{
"type": "WEB",
"url": "https://kb.juniper.net/JSA107821"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:M/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-9P6G-5797-V553
Vulnerability from github – Published: 2024-07-10 09:30 – Updated: 2026-05-12 12:32In the Linux kernel, the following vulnerability has been resolved:
ipv6: sr: fix memleak in seg6_hmac_init_algo
seg6_hmac_init_algo returns without cleaning up the previous allocations if one fails, so it's going to leak all that memory and the crypto tfms.
Update seg6_hmac_exit to only free the memory when allocated, so we can reuse the code directly.
{
"affected": [],
"aliases": [
"CVE-2024-39489"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-10T08:15:11Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: sr: fix memleak in seg6_hmac_init_algo\n\nseg6_hmac_init_algo returns without cleaning up the previous allocations\nif one fails, so it\u0027s going to leak all that memory and the crypto tfms.\n\nUpdate seg6_hmac_exit to only free the memory when allocated, so we can\nreuse the code directly.",
"id": "GHSA-9p6g-5797-v553",
"modified": "2026-05-12T12:32:00Z",
"published": "2024-07-10T09:30:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39489"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-398330.html"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-613116.html"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0e44d6cbe8de983470c3d2f978649783384fdcb6"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4a3fcf53725b70010d1cf869a2ba549fed6b8fb3"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/599a5654215092ac22bfc453f4fd3959c55ea821"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/61d31ac85b4572d11f8071855c0ccb4f32d76c0c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/afd5730969aec960a2fee4e5ee839a6014643976"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/daf341e0a2318b813427d5a78788c86f4a7f02be"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/efb9f4f19f8e37fde43dfecebc80292d179f56c6"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f6a99ef4e056c20a138a95cc51332b2b96c8f383"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9PGW-3RFW-WGQJ
Vulnerability from github – Published: 2023-01-13 00:30 – Updated: 2023-01-20 18:30A Missing Release of Memory after Effective Lifetime vulnerability in the Flow Processing Daemon (flowd) of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). In an IPsec VPN environment, a memory leak will be seen if a DH or ECDH group is configured. Eventually the flowd process will crash and restart. This issue affects Juniper Networks Junos OS on SRX Series: All versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R2-S8, 19.4R3-S10; 20.2 versions prior to 20.2R3-S6; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R3; 21.4 versions prior to 21.4R2.
{
"affected": [],
"aliases": [
"CVE-2023-22417"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-01-13T00:15:00Z",
"severity": "HIGH"
},
"details": "A Missing Release of Memory after Effective Lifetime vulnerability in the Flow Processing Daemon (flowd) of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). In an IPsec VPN environment, a memory leak will be seen if a DH or ECDH group is configured. Eventually the flowd process will crash and restart. This issue affects Juniper Networks Junos OS on SRX Series: All versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R2-S8, 19.4R3-S10; 20.2 versions prior to 20.2R3-S6; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R3; 21.4 versions prior to 21.4R2.",
"id": "GHSA-9pgw-3rfw-wgqj",
"modified": "2023-01-20T18:30:23Z",
"published": "2023-01-13T00:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22417"
},
{
"type": "WEB",
"url": "https://kb.juniper.net/JSA70213"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9PV7-RCFR-X287
Vulnerability from github – Published: 2024-03-25 09:32 – Updated: 2024-12-12 18:30In the Linux kernel, the following vulnerability has been resolved:
net: fec: fix the potential memory leak in fec_enet_init()
If the memory allocated for cbd_base is failed, it should free the memory allocated for the queues, otherwise it causes memory leak.
And if the memory allocated for the queues is failed, it can return error directly.
{
"affected": [],
"aliases": [
"CVE-2021-47150"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-25T09:15:09Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fec: fix the potential memory leak in fec_enet_init()\n\nIf the memory allocated for cbd_base is failed, it should\nfree the memory allocated for the queues, otherwise it causes\nmemory leak.\n\nAnd if the memory allocated for the queues is failed, it can\nreturn error directly.",
"id": "GHSA-9pv7-rcfr-x287",
"modified": "2024-12-12T18:30:51Z",
"published": "2024-03-25T09:32:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47150"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/15102886bc8f5f29daaadf2d925591d564c17e9f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/20255d41ac560397b6a07d8d87dcc5e2efc7672a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/32a1777fd113335c3f70dc445dffee0ad1c6870f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/619fee9eb13b5d29e4267cb394645608088c28a8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8ee7ef4a57a9e1228b6f345aaa70aa8951c7e9cd"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9PVH-F984-W7RJ
Vulnerability from github – Published: 2025-10-07 18:31 – Updated: 2026-02-05 15:31In the Linux kernel, the following vulnerability has been resolved:
soc: aspeed: socinfo: Add kfree for kstrdup
Add kfree() in the later error handling in order to avoid memory leak.
{
"affected": [],
"aliases": [
"CVE-2023-53617"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-07T16:15:44Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: aspeed: socinfo: Add kfree for kstrdup\n\nAdd kfree() in the later error handling in order to avoid memory leak.",
"id": "GHSA-9pvh-f984-w7rj",
"modified": "2026-02-05T15:31:08Z",
"published": "2025-10-07T18:31:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53617"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6e6d847a8ce18ab2fbec4f579f682486a82d2c6b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b662856b71343d9e731c1cd4bbe54758c7791abb"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d9a5ad4477d2a11e9b03f00c52694451e9332228"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/dfb9676ed25be25ca7cd198d0f0e093b76b7bc7f"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9Q42-QQ54-FWVJ
Vulnerability from github – Published: 2025-02-27 03:34 – Updated: 2025-03-05 21:32In the Linux kernel, the following vulnerability has been resolved:
iommu: Fix potential memory leak in iopf_queue_remove_device()
The iopf_queue_remove_device() helper removes a device from the per-iommu iopf queue when PRI is disabled on the device. It responds to all outstanding iopf's with an IOMMU_PAGE_RESP_INVALID code and detaches the device from the queue.
However, it fails to release the group structure that represents a group of iopf's awaiting for a response after responding to the hardware. This can cause a memory leak if iopf_queue_remove_device() is called with pending iopf's.
Fix it by calling iopf_free_group() after the iopf group is responded.
{
"affected": [],
"aliases": [
"CVE-2025-21770"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-27T03:15:17Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Fix potential memory leak in iopf_queue_remove_device()\n\nThe iopf_queue_remove_device() helper removes a device from the per-iommu\niopf queue when PRI is disabled on the device. It responds to all\noutstanding iopf\u0027s with an IOMMU_PAGE_RESP_INVALID code and detaches the\ndevice from the queue.\n\nHowever, it fails to release the group structure that represents a group\nof iopf\u0027s awaiting for a response after responding to the hardware. This\ncan cause a memory leak if iopf_queue_remove_device() is called with\npending iopf\u0027s.\n\nFix it by calling iopf_free_group() after the iopf group is responded.",
"id": "GHSA-9q42-qq54-fwvj",
"modified": "2025-03-05T21:32:06Z",
"published": "2025-02-27T03:34:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21770"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/90d5429cd2921ca2714684ed525898d431bb9283"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9759ae2cee7cd42b95f1c48aa3749bd02b5ddb08"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/db60d2d896a17decd58d143eef92cf22eb0a0176"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9QR2-GP6M-MXR4
Vulnerability from github – Published: 2025-06-18 12:30 – Updated: 2025-11-28 15:30In the Linux kernel, the following vulnerability has been resolved:
mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg
Free the skb if mt76u_bulk_msg fails in __mt76x02u_mcu_send_msg routine.
{
"affected": [],
"aliases": [
"CVE-2022-50172"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-18T11:15:47Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg\n\nFree the skb if mt76u_bulk_msg fails in __mt76x02u_mcu_send_msg routine.",
"id": "GHSA-9qr2-gp6m-mxr4",
"modified": "2025-11-28T15:30:28Z",
"published": "2025-06-18T12:30:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50172"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2f53ba46d8c97aca681adbe5098e1f84580c446d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3ad958bc488e3ecb0207d31621c00efb86f17482"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cffd93411575afd987788e2ec3cb8eaff70f0215"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/da1ab462b96c5d47a0755aec957bae3d685538c5"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f1609c4f4a21777e081b36596224802b85052ad9"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-41
Strategy: Libraries or Frameworks
- Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
- For example, glibc in Linux provides protection against free of invalid pointers.
- When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
- To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Use an abstraction library to abstract away risky APIs. Not a complete solution.
Mitigation
Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.
No CAPEC attack patterns related to this CWE.