CWE-772 467 個 CVE MITRE 定義 ↗

CWE-772:Missing Release of Resource after Effective Lifetime

概覽

CWE-772(Missing Release of Resource after Effective Lifetime)描述一種在漏洞資料庫與安全評估中使用的弱點類型;定義、背景與對應 CVE 見下方各節。

安全影響
安全影響:因產品與情境而異;請結合 CVE 紀錄、嚴重度評分與 MITRE 說明進行優先級判斷。

描述

The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.

適用平台

類型 名稱 普遍性 OS / CPE
technology Mobile Undetermined

本庫相關 CVE

下列 CVE 在本庫中對應到該弱點,並保留以便追溯與檢索。

CVE 公開時間 摘要
CVE-2026-54786 2026-07-01 Wasmtime is a runtime for WebAssembly. All versions prior to 24.0.10; versions 25.0.0 through those before 36.0.11; versions 37.0.0 through those before 44.0.3; and versions 45.0.0 and 45.0.1 contain…
CVE-2026-13351 2026-06-25 Zephyr's IPv6 network stack can be prevented from receiving or processing future incoming packets by sending a small number of maliciously fragmented IPv6 packets. When such a packet is handled by the…
CVE-2026-40209 2026-06-25 An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a …
CVE-2026-53251 2026-06-25 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not releasing hdev reference on iso_conn_big_sync hci_get_route() returns a reference-counted hci_dev pointer …
CVE-2026-53154 2026-06-25 In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: restore reservation on error in hugetlb folio copy paths Two sites in mm/hugetlb.c allocate a hugetlb folio via alloc_…
CVE-2026-48043 2026-06-12 Netty is a network application framework for development of protocol servers and clients. In netty-codec-http2 prior to versions 4.1.135.Final and 4.2.15.Final, the `DelegatingDecompressorFrameListene…
CVE-2026-48006 2026-06-12 Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the RedisArrayAggregator handler permanently leaks pooled di…
CVE-2026-45536 2026-06-12 Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, netty_unix_socket_recvFd sets msg_control to `char control[C…
CVE-2026-46292 2026-06-08 In the Linux kernel, the following vulnerability has been resolved: pmdomain: core: Fix detach procedure for virtual devices in genpd If a device is attached to a PM domain through genpd_dev_pm_atta…
CVE-2026-45287 2026-06-04 OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to version 0.0.17, `go.opentelemetry.io/otel/schema/v1.0` and `go.opentelemetry.io/otel/schema/v1.1` leaks one file descriptor on each…
CVE-2026-9156 2026-05-26 Tanium addressed a denial of service vulnerability in Tanium Server.
CVE-2026-39830 2026-05-22 A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine could not be released by calling Close(), re…
CVE-2026-42577 2026-05-13 Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to detect and close TCP connections that receive a RST after bein…
CVE-2026-39455 2026-05-13 When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol (LDAP) authentication, undisclosed traffic can cause the httpd process to exhaust the available file de…
CVE-2026-35227 2026-05-12 An unauthenticated remote attacker may exhaust all available TCP connections in the CODESYS Modbus TCP Server stack if a race condition in connection handling is successfully exploited, preventing leg…
CVE-2026-43314 2026-05-08 In the Linux kernel, the following vulnerability has been resolved: dm: remove fake timeout to avoid leak request Since commit 15f73f5b3e59 ("blk-mq: move failure injection out of blk_mq_complete_re…
CVE-2026-43257 2026-05-06 In the Linux kernel, the following vulnerability has been resolved: media: cx88: Add missing unmap in snd_cx88_hw_params() In error path, add cx88_alsa_dma_unmap() to release resource acquired by cx…
CVE-2026-43054 2026-05-01 In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcm_loop: Drain commands in target_reset handler tcm_loop_target_reset() violates the SCSI EH contract: it returns S…
CVE-2026-3104 2026-03-25 A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and …
CVE-2026-23299 2026-03-25 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: purge error queues in socket destructors When TX timestamping is enabled via SO_TIMESTAMPING, SKBs may be queued into s…

內容提交

名稱
CWE Content Team
組織
MITRE
日期
2009-05-13
版本
1.4

內容修訂

日期 名稱 版本 重要性 評論
2010-02-16 CWE Content Team 1.8 updated Demonstrative_Examples, Potential_Mitigations, Relationships
2010-04-05 CWE Content Team 1.8.1 updated Potential_Mitigations
2010-06-21 CWE Content Team 1.9 updated Potential_Mitigations
2011-06-01 CWE Content Team 1.13 updated Common_Consequences, Relationships, Taxonomy_Mappings
2011-06-27 CWE Content Team 2.0 updated Observed_Examples, Related_Attack_Patterns, Relationships
2011-09-13 CWE Content Team 2.1 updated Relationships, Taxonomy_Mappings
2012-05-11 CWE Content Team 2.2 updated Demonstrative_Examples, Relationships, Taxonomy_Mappings
2012-10-30 CWE Content Team 2.3 updated Potential_Mitigations
2013-02-21 CWE Content Team 2.4 updated Relationships
2014-02-18 CWE Content Team 2.6 updated Applicable_Platforms, Demonstrative_Examples
2014-07-30 CWE Content Team 2.8 updated Relationships, Taxonomy_Mappings
2017-01-19 CWE Content Team 2.10 updated Relationships
2017-11-08 CWE Content Team 3.0 updated Likelihood_of_Exploit, Taxonomy_Mappings
2019-01-03 CWE Content Team 3.2 updated Common_Consequences, References, Relationships, Taxonomy_Mappings
2019-06-20 CWE Content Team 3.3 updated Relationships
2019-09-19 CWE Content Team 3.4 updated Description, Relationships
2020-02-24 CWE Content Team 4.0 updated Applicable_Platforms, Relationships, Taxonomy_Mappings
2020-08-20 CWE Content Team 4.2 updated Relationships
2020-12-10 CWE Content Team 4.3 updated Relationships
2021-03-15 CWE Content Team 4.4 updated Demonstrative_Examples
2022-10-13 CWE Content Team 4.9 updated Relationships, Taxonomy_Mappings
2023-01-31 CWE Content Team 4.10 updated Description
2023-04-27 CWE Content Team 4.11 updated Relationships, Time_of_Introduction
2023-06-29 CWE Content Team 4.12 updated Mapping_Notes
2023-10-26 CWE Content Team 4.13 updated Observed_Examples
2025-09-09 CWE Content Team 4.18 updated Common_Consequences, Description, Diagram
2025-12-11 CWE Content Team 4.19 updated Detection_Factors, Weakness_Ordinalities
cvelogic Threat Intelligence