Common Weakness Enumeration

CWE-763

Allowed

Release of Invalid Pointer or Reference

Abstraction: Base · Status: Incomplete

The product attempts to return a memory resource to the system, but it calls the wrong release function or calls the appropriate release function incorrectly.

109 vulnerabilities reference this CWE, most recent first.

GHSA-5PQG-QMMW-G6J5

Vulnerability from github – Published: 2022-05-24 17:34 – Updated: 2026-05-29 18:31
VLAI
Details

An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs because of an invalid free when the line discipline is used more than once.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-28941"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-763"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-11-19T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs because of an invalid free when the line discipline is used more than once.",
  "id": "GHSA-5pqg-qmmw-g6j5",
  "modified": "2026-05-29T18:31:13Z",
  "published": "2022-05-24T17:34:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28941"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/d4122754442799187d5d537a9c039a49a67e57f1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d4122754442799187d5d537a9c039a49a67e57f1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-linus\u0026id=d4122754442799187d5d537a9c039a49a67e57f1"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TITJQPYDWZ4NB2ONJWUXW75KSQIPF35T"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZF4OGZPKTAJJXWHPIFP3LHEWWEMR5LPT"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TITJQPYDWZ4NB2ONJWUXW75KSQIPF35T"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZF4OGZPKTAJJXWHPIFP3LHEWWEMR5LPT"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2020/11/19/3"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2020/11/19/5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5WQW-CQHV-Q8CV

Vulnerability from github – Published: 2021-12-23 00:01 – Updated: 2021-12-29 00:01
VLAI
Details

An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-45261"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-763"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-22T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service.",
  "id": "GHSA-5wqw-cqhv-q8cv",
  "modified": "2021-12-29T00:01:30Z",
  "published": "2021-12-23T00:01:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45261"
    },
    {
      "type": "WEB",
      "url": "https://savannah.gnu.org/bugs/?61685"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-647G-VGR2-5GQC

Vulnerability from github – Published: 2022-09-20 00:00 – Updated: 2022-09-22 00:00
VLAI
Details

A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. When many files exist, requesting Special:NewFiles with actor as a condition can result in a very long running query.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-28203"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-763"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-19T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. When many files exist, requesting Special:NewFiles with actor as a condition can result in a very long running query.",
  "id": "GHSA-647g-vgr2-5gqc",
  "modified": "2022-09-22T00:00:26Z",
  "published": "2022-09-20T00:00:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28203"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00027.html"
    },
    {
      "type": "WEB",
      "url": "https://phabricator.wikimedia.org/T297731"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2022/dsa-5246"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-662R-59MF-5FXR

Vulnerability from github – Published: 2022-05-24 17:29 – Updated: 2022-05-24 17:29
VLAI
Details

Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-15673"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416",
      "CWE-763"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-10-01T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 81, Thunderbird \u003c 78.3, and Firefox ESR \u003c 78.3.",
  "id": "GHSA-662r-59mf-5fxr",
  "modified": "2022-05-24T17:29:55Z",
  "published": "2022-05-24T17:29:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15673"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1648493%2C1660800"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00020.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202010-02"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2020/dsa-4770"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2020-42"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2020-43"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2020-44"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00074.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00077.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6794-4VQV-W8QG

Vulnerability from github – Published: 2026-06-24 18:32 – Updated: 2026-06-30 03:37
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nat: use kfree_rcu to release ops

Florian Westphal says:

"Historically this is not an issue, even for normal base hooks: the data path doesn't use the original nf_hook_ops that are used to register the callbacks.

However, in v5.14 I added the ability to dump the active netfilter hooks from userspace.

This code will peek back into the nf_hook_ops that are available at the tail of the pointer-array blob used by the datapath.

The nat hooks are special, because they are called indirectly from the central nat dispatcher hook. They are currently invisible to the nfnl hook dump subsystem though.

But once that changes the nat ops structures have to be deferred too."

Update nf_nat_register_fn() to deal with partial exposition of the hooks from error path which can be also an issue for nfnetlink_hook.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-53000"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-763"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-24T17:17:11Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nat: use kfree_rcu to release ops\n\nFlorian Westphal says:\n\n\"Historically this is not an issue, even for normal base hooks: the data\npath doesn\u0027t use the original nf_hook_ops that are used to register the\ncallbacks.\n\nHowever, in v5.14 I added the ability to dump the active netfilter\nhooks from userspace.\n\nThis code will peek back into the nf_hook_ops that are available\nat the tail of the pointer-array blob used by the datapath.\n\nThe nat hooks are special, because they are called indirectly from\nthe central nat dispatcher hook. They are currently invisible to\nthe nfnl hook dump subsystem though.\n\nBut once that changes the nat ops structures have to be deferred too.\"\n\nUpdate nf_nat_register_fn() to deal with partial exposition of the hooks\nfrom error path which can be also an issue for nfnetlink_hook.",
  "id": "GHSA-6794-4vqv-w8qg",
  "modified": "2026-06-30T03:37:13Z",
  "published": "2026-06-24T18:32:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53000"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2026-53000"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2492273"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/32fdd2e38e7435a368d88f5977a7d6585ebc8b0e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3c7511f38ab511b791196b13ae48bf4973bf7dfd"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6eda0d771f94267f73f57c94630aa47e90957915"
    },
    {
      "type": "WEB",
      "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-53000.json"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6F82-P732-9CP8

Vulnerability from github – Published: 2026-07-14 15:32 – Updated: 2026-07-14 15:32
VLAI
Details

We are aware that exploit code for this is public however we are not aware of any attacks in the wild abusing this flaw. This vulnerability was fixed in Firefox 152.0.6.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-15718"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-763"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-07-14T13:18:20Z",
    "severity": "MODERATE"
  },
  "details": "We are aware that exploit code for this is public however we are not aware of any attacks in the wild abusing this flaw. This vulnerability was fixed in Firefox 152.0.6.",
  "id": "GHSA-6f82-p732-9cp8",
  "modified": "2026-07-14T15:32:16Z",
  "published": "2026-07-14T15:32:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-15718"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2045443"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-67"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6FVX-97P6-HW44

Vulnerability from github – Published: 2024-07-30 09:32 – Updated: 2024-12-11 18:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

bluetooth/hci: disallow setting handle bigger than HCI_CONN_HANDLE_MAX

Syzbot hit warning in hci_conn_del() caused by freeing handle that was not allocated using ida allocator.

This is caused by handle bigger than HCI_CONN_HANDLE_MAX passed by hci_le_big_sync_established_evt(), which makes code think it's unset connection.

Add same check for handle upper bound as in hci_conn_set_handle() to prevent warning.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-42132"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-763"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-30T08:15:05Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nbluetooth/hci: disallow setting handle bigger than HCI_CONN_HANDLE_MAX\n\nSyzbot hit warning in hci_conn_del() caused by freeing handle that was\nnot allocated using ida allocator.\n\nThis is caused by handle bigger than HCI_CONN_HANDLE_MAX passed by\nhci_le_big_sync_established_evt(), which makes code think it\u0027s unset\nconnection.\n\nAdd same check for handle upper bound as in hci_conn_set_handle() to\nprevent warning.",
  "id": "GHSA-6fvx-97p6-hw44",
  "modified": "2024-12-11T18:30:36Z",
  "published": "2024-07-30T09:32:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42132"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1cc18c2ab2e8c54c355ea7c0423a636e415a0c23"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4970e48f83dbd21d2a6a7cdaaafc2a71f7f45dc4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d311036696fed778301d08a71a4bef737b86d8c5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6WGV-VJ43-RPR5

Vulnerability from github – Published: 2022-05-24 19:10 – Updated: 2025-11-03 21:30
VLAI
Details

BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-28216"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-587",
      "CWE-763"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-05T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE.",
  "id": "GHSA-6wgv-vj43-rpr5",
  "modified": "2025-11-03T21:30:32Z",
  "published": "2022-05-24T19:10:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28216"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.tianocore.org/show_bug.cgi?id=2957"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00007.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-78CM-F398-H7CF

Vulnerability from github – Published: 2024-10-21 21:30 – Updated: 2024-10-24 18:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

usb: typec: tipd: Free IRQ only if it was requested before

In polling mode, if no IRQ was requested there is no need to free it. Call devm_free_irq() only if client->irq is set. This fixes the warning caused by the tps6598x module removal:

WARNING: CPU: 2 PID: 333 at kernel/irq/devres.c:144 devm_free_irq+0x80/0x8c ... ... Call trace: devm_free_irq+0x80/0x8c tps6598x_remove+0x28/0x88 [tps6598x] i2c_device_remove+0x2c/0x9c device_remove+0x4c/0x80 device_release_driver_internal+0x1cc/0x228 driver_detach+0x50/0x98 bus_remove_driver+0x6c/0xbc driver_unregister+0x30/0x60 i2c_del_driver+0x54/0x64 tps6598x_i2c_driver_exit+0x18/0xc3c [tps6598x] __arm64_sys_delete_module+0x184/0x264 invoke_syscall+0x48/0x110 el0_svc_common.constprop.0+0xc8/0xe8 do_el0_svc+0x20/0x2c el0_svc+0x28/0x98 el0t_64_sync_handler+0x13c/0x158 el0t_64_sync+0x190/0x194

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-50057"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-763"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-21T20:15:17Z",
    "severity": "LOW"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: tipd: Free IRQ only if it was requested before\n\nIn polling mode, if no IRQ was requested there is no need to free it.\nCall devm_free_irq() only if client-\u003eirq is set. This fixes the warning\ncaused by the tps6598x module removal:\n\nWARNING: CPU: 2 PID: 333 at kernel/irq/devres.c:144 devm_free_irq+0x80/0x8c\n...\n...\nCall trace:\n  devm_free_irq+0x80/0x8c\n  tps6598x_remove+0x28/0x88 [tps6598x]\n  i2c_device_remove+0x2c/0x9c\n  device_remove+0x4c/0x80\n  device_release_driver_internal+0x1cc/0x228\n  driver_detach+0x50/0x98\n  bus_remove_driver+0x6c/0xbc\n  driver_unregister+0x30/0x60\n  i2c_del_driver+0x54/0x64\n  tps6598x_i2c_driver_exit+0x18/0xc3c [tps6598x]\n  __arm64_sys_delete_module+0x184/0x264\n  invoke_syscall+0x48/0x110\n  el0_svc_common.constprop.0+0xc8/0xe8\n  do_el0_svc+0x20/0x2c\n  el0_svc+0x28/0x98\n  el0t_64_sync_handler+0x13c/0x158\n  el0t_64_sync+0x190/0x194",
  "id": "GHSA-78cm-f398-h7cf",
  "modified": "2024-10-24T18:30:42Z",
  "published": "2024-10-21T21:30:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50057"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4d4b23c119542fbaed2a16794d3801cb4806ea02"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b72bf5cade51ba4055c8a8998d275e72e6b521ce"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/db63d9868f7f310de44ba7bea584e2454f8b4ed0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-79GQ-68M6-V3VG

Vulnerability from github – Published: 2022-05-13 01:20 – Updated: 2022-05-13 01:20
VLAI
Details

The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshark through 2.4.4 performs a free operation on an uninitialized memory address, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-6836"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-763"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-02-08T07:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshark through 2.4.4 performs a free operation on an uninitialized memory address, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.",
  "id": "GHSA-79gq-68m6-v3vg",
  "modified": "2022-05-13T01:20:31Z",
  "published": "2022-05-13T01:20:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6836"
    },
    {
      "type": "WEB",
      "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14397"
    },
    {
      "type": "WEB",
      "url": "https://code.wireshark.org/review/#/c/25660"
    },
    {
      "type": "WEB",
      "url": "https://code.wireshark.org/review/#/c/25660/2/wiretap/netmon.c"
    },
    {
      "type": "WEB",
      "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=28960d79cca262ac6b974f339697b299a1e28fef"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Implementation

Only call matching memory management functions. Do not mix and match routines. For example, when you allocate a buffer with malloc(), dispose of the original pointer with free().

Mitigation
Implementation

When programming in C++, consider using smart pointers provided by the boost library to help correctly and consistently manage memory.

Mitigation MIT-4.6
Architecture and Design

Strategy: Libraries or Frameworks

  • Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • For example, glibc in Linux provides protection against free of invalid pointers.
Mitigation
Architecture and Design

Use a language that provides abstractions for memory allocation and deallocation.

No CAPEC attack patterns related to this CWE.