2 matches found
CVE-2024-4435
CVE-2024-4435 concerns a memory leak in stable-structures’ BTreeMap when deallocating nodes that overflow, where only the first memory chunk is freed and subsequent chunks remain allocated. This can enable memory growth or exhaustion depending on how a canister uses the map. The issue has been fi...
CVE-2024-4435 BTreeMap memory leak when deallocating nodes with overflows
When storing unbounded types in a BTreeMap, a node is represented as a linked list of "memory chunks". It was discovered recently that when we deallocate a node, in some cases only the first memory chunk is deallocated, and the rest of the memory chunks remain incorrectly allocated, causing a...