CWE-911— Improper Update of Reference Count
The product uses a reference count to manage a resource, but it does not update or incorrectly updates the reference count.— MITRE CWE catalog
17 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-911page 1 of 1
- CVE-2020-11935MEDIUMCVSS 4.4EG 5.52023-04-07
It was discovered that aufs improperly managed inode reference counts in the vfsub_dentry_open() method. A local attacker could use this vulnerability to cause a denial of service attack.
- CVE-2021-47327HIGHCVSS 7.1EG 7.12024-05-21
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Fix arm_smmu_device refcount leak when arm_smmu_rpm_get fails arm_smmu_rpm_get() invokes pm_runtime_get_sync(), which increases the refcount of the "smmu…
- CVE-2022-1678MEDIUMCVSS 5.9EG 7.52022-05-25
An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients.
- CVE-2022-22195HIGHCVSS 7.5EG 7.52022-04-14
An Improper Update of Reference Count vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to trigger a counter overflow, eventually causing a Denial of Service (DoS). This issu…
- CVE-2022-29581HIGHCVSS 7.8EG 7.82022-05-17
Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.
- CVE-2022-37012HIGHCVSS 7.5EG 7.52023-03-29
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation OPC UA C++ Demo Server 1.7.6-537. Authentication is not required to exploit this vulnerability. The specific…
- CVE-2023-2019MEDIUMCVSS 4.4EG 4.42023-04-24
A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on th…
- CVE-2023-22394HIGHCVSS 7.5EG 7.52023-01-13
An Improper Handling of Unexpected Data Type vulnerability in the handling of SIP calls in Juniper Networks Junos OS on SRX Series and MX Series platforms allows an attacker to cause a memory leak leading to Denial of Services (DoS). This …
- CVE-2023-5633HIGHCVSS 7.8EG 7.82023-10-23
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest w…
- CVE-2023-6270HIGHCVSS 7.0EG 7.02024-01-04
A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct…
- CVE-2024-43102CRITICALCVSS 10.0EG 9.82024-09-05
Concurrent removals of certain anonymous shared memory mappings by using the UMTX_SHM_DESTROY sub-request of UMTX_OP_SHM can lead to decreasing the reference count of the object representing the mapping too many times, causing it to be fre…
- CVE-2024-45783MEDIUMCVSS 4.4EG 4.42025-02-18
A flaw was found in grub2. When failing to mount an HFS+ grub, the hfsplus filesystem driver doesn't properly set an ERRNO value. This issue may lead to a NULL pointer access.
- CVE-2024-46972HIGHCVSS 7.8EG 7.82024-12-28
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.
- CVE-2026-42534MEDIUMCVSS 5.3EG 5.32026-05-20
NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the jostle logic that could defeat its purpose and degrade resolution performance. Retransmits of the same query could renew the age of slow running queries and n…
- CVE-2026-46099HIGHCVSS 8.1EG 8.12026-05-27
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels seg6_input_core() and rpl_input() call ip6_route_input() which sets a NOREF dst on the skb, then pass it to dst_ca…
- CVE-2026-46316CRITICALCVSS 9.3EG 9.32026-06-09
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry vgic_its_invalidate_cache() walks the per-ITS translation cache with xa_for_each() a…
- CVE-2026-52943HIGHCVSS 7.8EG 7.82026-06-24
In the Linux kernel, the following vulnerability has been resolved: net: skbuff: fix missing zerocopy reference in pskb_carve helpers pskb_carve_inside_header() and pskb_carve_inside_nonlinear() both copy the old skb_shared_info header i…
Map vulnerabilities like CWE-911 to your infrastructure
EchelonGraph correlates every CVE — across CWE-911 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →