215 vulnerabilities classified as CWE-401 (在移除最后引用时对内存的释放不恰当(内存泄露)). AI Chinese analysis included.
CWE-401 represents a memory management weakness where software fails to release allocated memory after its effective lifetime, leading to resource exhaustion. This defect typically manifests as a denial-of-service condition rather than direct code execution, as the continuous accumulation of unreleased memory gradually depletes system resources. Attackers exploit this by triggering repeated allocations, causing the application or host to crash when memory limits are reached. Developers prevent this by implementing rigorous memory lifecycle management, ensuring every allocation has a corresponding deallocation call. Utilizing automated static analysis tools helps identify leaks during development, while adopting garbage-collected languages or smart pointers in C++ can significantly reduce the risk. Regular memory profiling during testing further ensures that allocated resources are properly returned to the system, maintaining application stability and preventing resource starvation.
char* getBlock(int fd) { char* buf = (char*) malloc(BLOCK_SIZE); if (!buf) { return NULL; } if (read(fd, buf, BLOCK_SIZE) != BLOCK_SIZE) { return NULL; } return buf; }| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2019-14818 | DPDK 安全漏洞 — dpdk | 7.5 | - | 2019-11-14 |
| CVE-2019-5023 | PaX和grsecurity 安全漏洞 — PaX | 9.1 | - | 2019-10-31 |
| CVE-2019-3815 | Red Hat Enterprise Linux资源管理错误漏洞 — systemd | 3.3 | - | 2019-01-28 |
| CVE-2017-7654 | Eclipse Mosquitto 安全漏洞 — Eclipse Mosquitto | 7.5 | - | 2018-06-05 |
| CVE-2017-15094 | PowerDNS Recursor 安全漏洞 — PowerDNS Recursor | 5.9 | - | 2018-01-23 |
Vulnerabilities classified as CWE-401 (在移除最后引用时对内存的释放不恰当(内存泄露)) represent 215 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.