
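CWE-401 Improper Release of Memory Before Removing Last Reference (Memory Leak): vulnerability list (220)

Summary of 220 CVE vulnerabilities in the CWE-401 Improper Release of Memory Before Removing Last Reference (Memory Leak) weakness class, with AI-generated Chinese analysis.

CWE-401 is a memory-management weakness: the program does not correctly release memory once it has finished using it, so the resource cannot be reclaimed. Attackers typically exploit this flaw by triggering repeated allocations until system resources are exhausted, causing a denial of service or a program crash. To avoid it, developers should make sure the release function is called when the memory's lifetime ends, use smart pointers or automatic memory management tools, and strictly track allocation and release state to prevent leaks.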

MITRE CWE official description
CWE: CWE-401 Missing Release of Memory after Effective Lifetime
English description: The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
Common consequences (2)
Availability: DoS: Crash, Exit, or Restart; DoS: Instability; DoS: Resource Consumption (CPU); DoS: Resource Consumption (Memory)
Most memory leaks result in general product reliability problems, but if an attacker can intentionally trigger a memory leak, the attacker might be able to launch a denial of service attack (by crashing or hanging the program) or take advantage of other unexpected program behavior resulting from a l…
Other: Reduce Performance
Mitigations (3)
Implementation: Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone. For example, glibc in Linux provides protection against free of invalid pointers. When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391]. To help correctly and consistently manage memory when programming in C++, consider using a smart pointer…
Architecture and Design: Use an abstraction library to abstract away risky APIs. Not a complete solution.
Architecture and Design, Build and Compilation: Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.
Effectiveness: Moderate
Code examples (1)
The following C function leaks a block of allocated memory if the call to read() does not return the expected number of bytes:
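Bad · C

    #include <stdlib.h>   /* malloc */
    #include <unistd.h>   /* read */

    /* BLOCK_SIZE is expected to be defined elsewhere. */
    char* getBlock(int fd) {
        char* buf = (char*) malloc(BLOCK_SIZE);
        if (!buf) {
            return NULL;
        }
        if (read(fd, buf, BLOCK_SIZE) != BLOCK_SIZE) {
            /* buf is not freed on this path: the block is leaked */
            return NULL;
        }
        return buf;
    }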
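| CVE ID | Title | CVSS | Risk level | Published |
|---|---|---|---|---|
| CVE-2022-3629 | Linux kernel security vulnerability — Kernel | 2.6 | Low | 2022-10-21 |
| CVE-2022-3633 | Linux kernel security vulnerability — Kernel | 3.5 | Low | 2022-10-21 |
| CVE-2022-3577 | Linux kernel buffer error vulnerability — Kernel | 7.8 | - | 2022-10-20 |
| CVE-2022-41832 | F5 BIG-IP security vulnerability — BIG-IP | 7.5 | High | 2022-10-19 |
| CVE-2022-41624 | F5 BIG-IP security vulnerability — BIG-IP | 7.5 | High | 2022-10-19 |
| CVE-2022-31222 | Dell BIOS security vulnerability — CPG BIOS | 2.3 | Low | 2022-09-12 |
| CVE-2021-3574 | ImageMagick security vulnerability — ImageMagick | 5.5 | - | 2022-08-26 |
| CVE-2021-4213 | Linux jss security vulnerability — JSS | 7.5 | - | 2022-08-24 |
| CVE-2021-3905 | Open vSwitch security vulnerability — openvswitch (ovs) | 7.5 | - | 2022-08-23 |
| CVE-2021-33645 | openEuler security vulnerability — libtar | 6.5 | - | 2022-08-09 |
| CVE-2021-33646 | openEuler security vulnerability — libtar | 6.5 | - | 2022-08-09 |
| CVE-2022-1012 | Linux kernel security vulnerability — Kernel | 8.2 | - | 2022-08-05 |
| CVE-2022-1651 | Linux kernel security vulnerability — Kernel | 7.1 | - | 2022-07-26 |
| CVE-2022-22209 | Juniper Networks Junos OS security vulnerability — Junos OS | 7.5 | High | 2022-07-20 |
| CVE-2022-22205 | Juniper Networks Junos OS security vulnerability — Junos OS | 7.5 | High | 2022-07-20 |
| CVE-2022-22204 | Juniper Networks Junos OS security vulnerability — Junos OS | 5.3 | Medium | 2022-07-20 |
| CVE-2022-20785 | ClamAV security vulnerability — Cisco AMP for Endpoints | 7.5 | High | 2022-05-04 |
| CVE-2022-1515 | MATIO security vulnerability — matio | 5.5 | - | 2022-05-02 |
| CVE-2022-23159 | Dell Technologies Dell PowerScale OneFS security vulnerability — PowerScale OneFS | 4.8 | Medium | 2022-04-12 |
| CVE-2022-24756 | Bareos security vulnerability — bareos | 7.5 | High | 2022-03-15 |
| CVE-2021-3744 | Linux kernel security vulnerability — kernel | 5.5 | - | 2022-03-04 |
| CVE-2021-37205 | Siemens SIMATIC S7-1500 series products input validation error vulnerability — SIMATIC Drive Controller family | 7.5 | High | 2022-02-09 |
| CVE-2022-23578 | Google Tensorflow security vulnerability — tensorflow | 4.3 | Medium | 2022-02-04 |
| CVE-2022-23585 | Google Tensorflow security vulnerability — tensorflow | 4.3 | Medium | 2022-02-04 |
| CVE-2022-22173 | Juniper Networks Junos OS security vulnerability — Junos OS | 7.5 | High | 2022-01-19 |
| CVE-2022-22172 | Juniper Networks Junos OS security vulnerability — Junos OS | 6.5 | Medium | 2022-01-19 |
| CVE-2021-23218 | Mirantis Container Runtime security vulnerability — Mirantis Container Runtime | 5.3 | Medium | 2022-01-10 |
| CVE-2021-44542 | Privoxy input validation error vulnerability — Privoxy | 7.5 | - | 2021-12-23 |
| CVE-2021-44540 | Privoxy input validation error vulnerability — Privoxy | 7.5 | - | 2021-12-23 |
| CVE-2021-44541 | Privoxy input validation error vulnerability — Privoxy | 7.5 | - | 2021-12-23 |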

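CWE-401 (Improper Release of Memory Before Removing Last Reference (Memory Leak)) is a common weakness category; this platform lists 220 CVE vulnerabilities associated with it.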