CWE-762 – Mismatched Memory Management Routines | Common Weakness Enumeration（CWE）

概要

CWE-762（Mismatched Memory Management Routines）は各種脆弱性データベースや評価で用いられる弱点タイプを説明します。定義・背景・対応する CVE は以下の各セクションを参照してください。

セキュリティへの影響: セキュリティ影響：製品や文脈に依存します。CVE 記録、深刻度、MITRE の説明を参照して優先度を判断してください。

説明

The product attempts to return a memory resource to the system, but it calls a release function that is not compatible with the function that was originally used to allocate that resource.

適用プラットフォーム

種別	名称	クラス	普遍性	OS / CPE
language	—	Memory-Unsafe	Often	—
language	C	—	Undetermined	—
language	C++	—	Undetermined	—

このデータベースの関連 CVE

これらの CVE は本データベースでこの弱点に対応付けられており、追跡と検索のために保持されています。

CVE	公開	概要
CVE-2025-11015	2025-09-26	A weakness has been identified in OGRECave Ogre up to 14.4.1. Impacted is the function STBIImageCodec::encode of the file /ogre/PlugIns/STBICodec/src/OgreSTBICodec.cpp. This manipulation causes mismat…
CVE-2025-49080	2025-06-12	There is a memory management vulnerability in Absolute Secure Access server versions 9.0 to 13.54. Attackers with network access to the server can cause a Denial of Service by sending a specially craf…
CVE-2025-48755	2025-05-24	In the spiral-rs crate 0.2.0 for Rust, allocation can be attempted for a ZST (zero-sized type).
CVE-2025-47737	2025-05-09	lib.rs in the trailer crate through 0.1.2 for Rust mishandles allocating with a size of zero.
CVE-2025-20189	2025-05-07	A vulnerability in the Cisco Express Forwarding functionality of Cisco IOS XE Software for Cisco ASR 903 Aggregation Services Routers with Route Switch Processor 3 (RSP3C) could allow an unauthenticat…
CVE-2024-32503	2024-06-07	An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor l…
CVE-2024-4853	2024-05-14	Memory handling issue in editcap could cause denial of service via crafted capture file
CVE-2024-2955	2024-03-26	T.38 dissector crash in Wireshark 4.2.0 to 4.0.3 and 4.0.0 to 4.0.13 allows denial of service via packet injection or crafted capture file
CVE-2023-41056	2024-01-10	Redis is an in-memory database that persists on disk. Redis incorrectly handles resizing of memory buffers which can result in integer overflow that leads to heap overflow and potential remote code ex…
CVE-2023-45510	2023-10-12	tsMuxer version git-2539d07 was discovered to contain an alloc-dealloc-mismatch (operator new [] vs operator delete) error.
CVE-2023-3648	2023-07-14	Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file

コンテンツ投稿

名称: CWE Content Team
組織: MITRE
日付: 2009-05-08
バージョン: 1.4

コンテンツの変更履歴

日付	名称	バージョン	重要度	コメント
2009-12-28	CWE Content Team	1.7	—	updated Applicable_Platforms, Likelihood_of_Exploit
2010-06-21	CWE Content Team	1.9	—	updated Description, Potential_Mitigations
2011-06-01	CWE Content Team	1.13	—	updated Common_Consequences
2011-09-13	CWE Content Team	2.1	—	updated Relationships, Taxonomy_Mappings
2012-05-11	CWE Content Team	2.2	—	updated Demonstrative_Examples, Relationships
2012-10-30	CWE Content Team	2.3	—	updated Potential_Mitigations
2014-02-18	CWE Content Team	2.6	—	updated Demonstrative_Examples, Potential_Mitigations, References
2014-07-30	CWE Content Team	2.8	—	updated Relationships, Taxonomy_Mappings
2017-11-08	CWE Content Team	3.0	—	updated Applicable_Platforms, References, Taxonomy_Mappings
2019-01-03	CWE Content Team	3.2	—	updated Relationships
2020-02-24	CWE Content Team	4.0	—	updated Relationships
2020-12-10	CWE Content Team	4.3	—	updated Relationships
2021-03-15	CWE Content Team	4.4	—	updated Relationships
2023-01-31	CWE Content Team	4.10	—	updated Description
2023-04-27	CWE Content Team	4.11	—	updated References, Relationships
2023-06-29	CWE Content Team	4.12	—	updated Mapping_Notes
2025-09-09	CWE Content Team	4.18	—	updated Functional_Areas, References
2025-12-11	CWE Content Team	4.19	—	updated Applicable_Platforms, Detection_Factors, Potential_Mitigations, References, Weakness_Ordinalities
2026-04-30	CWE Content Team	4.20	—	updated Detection_Factors

貢献

タイプ	名称	日付	コメント
Feedback	Martin Sebor	2010-04-30	Provided improvement to existing Mitigation