Variant · Incomplete

CWE-762: Mismatched Memory Management Routines

Category: memory

Description

The product attempts to return a memory resource to the system, but it calls a release function that is not compatible with the function that was originally used to allocate that resource.

Common consequences · 1

  • Integrity / Availability / Confidentiality — Modify Memory, DoS: Crash, Exit, or Restart, Execute Unauthorized Code or Commands

Potential mitigations · 4

  • [Implementation] Only call matching memory management functions. Do not mix and match routines. For example, when you allocate a buffer with malloc(), dispose of the original pointer with free().
  • [Implementation]
  • [Architecture and Design]
  • [Architecture and Design] Use a language that provides abstractions for memory allocation and deallocation.
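
The matching rule from the mitigations above, as an added C++ example (not part of the CWE entry): each owner type carries the release routine that belongs to its allocator, so a malloc() buffer cannot reach delete and a new[] array cannot reach free() or scalar delete. The names FreeDeleter, MallocPtr, Tracked, copy_c_string and destroy_array are hypothetical.

```cpp
#include <cstdlib>
#include <cstring>
#include <memory>
#include <string>

// Deleter that pairs malloc()-family allocations with free().
struct FreeDeleter {
    void operator()(void* p) const noexcept { std::free(p); }
};
template <typename T>
using MallocPtr = std::unique_ptr<T, FreeDeleter>;

// Counts destructor runs so a caller can confirm delete[] destroyed
// every element of an array.
struct Tracked {
    static int destroyed;
    ~Tracked() { ++destroyed; }
};
int Tracked::destroyed = 0;

// malloc() allocation: the returned owner releases with free(), so the
// mismatched `delete buf` cannot be written by accident.
MallocPtr<char> copy_c_string(const char* src) {
    std::size_t n = std::strlen(src) + 1;
    MallocPtr<char> buf(static_cast<char*>(std::malloc(n)));
    if (buf) std::memcpy(buf.get(), src, n);  // skip the copy if malloc failed
    return buf;
}

// new[] allocation: unique_ptr<T[]> releases with delete[], never with
// scalar delete or free(). Returns how many destructors ran.
int destroy_array(std::size_t count) {
    Tracked::destroyed = 0;
    {
        std::unique_ptr<Tracked[]> arr(new Tracked[count]);
    }  // delete[] runs here
    return Tracked::destroyed;
}

int main() {
    auto s = copy_c_string("constructed sample");  // constructed input
    return (s && destroy_array(4) == 4) ? 0 : 1;
}
```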

References

  1. https://cwe.mitre.org/data/definitions/762.html

Incoming · 2

Type           Target          Confidence  Tier
Vulnerability  CVE-2025-47737  0%          live
Vulnerability  CVE-2025-48755  0%          live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Release of Invalid Pointer or Reference
  • CWE: Missing Release of Memory after Effective Lifetime
  • CWE: Multiple Releases of Same Resource or Handle
  • CWE: Free of Pointer not at Start of Buffer
  • CWE: Expired Pointer Dereference
  • CWE: Access of Resource Using Incompatible Type ('Type Confusion')

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.