Common Weakness Enumeration

CWE-401

Allowed

Missing Release of Memory after Effective Lifetime

Abstraction: Variant · Status: Draft

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

2002 vulnerabilities reference this CWE, most recent first.

GHSA-WPVW-HHW9-P3QJ

Vulnerability from github – Published: 2025-10-01 12:30 – Updated: 2026-01-16 21:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

ARC: mm: fix leakage of memory allocated for PTE

Since commit d9820ff ("ARC: mm: switch pgtable_t back to struct page *") a memory leakage problem occurs. Memory allocated for page table entries not released during process termination. This issue can be reproduced by a small program that allocates a large amount of memory. After several runs, you'll see that the amount of free memory has reduced and will continue to reduce after each run. All ARC CPUs are effected by this issue. The issue was introduced since the kernel stable release v5.15-rc1.

As described in commit d9820ff after switch pgtable_t back to struct page *, a pointer to "struct page" and appropriate functions are used to allocate and free a memory page for PTEs, but the pmd_pgtable macro hasn't changed and returns the direct virtual address from the PMD (PGD) entry. Than this address used as a parameter in the __pte_free() and as a result this function couldn't release memory page allocated for PTEs.

Fix this issue by changing the pmd_pgtable macro and returning pointer to struct page.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-50446"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-01T12:15:37Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nARC: mm: fix leakage of memory allocated for PTE\n\nSince commit d9820ff (\"ARC: mm: switch pgtable_t back to struct page *\")\na memory leakage problem occurs. Memory allocated for page table entries\nnot released during process termination. This issue can be reproduced by\na small program that allocates a large amount of memory. After several\nruns, you\u0027ll see that the amount of free memory has reduced and will\ncontinue to reduce after each run. All ARC CPUs are effected by this\nissue. The issue was introduced since the kernel stable release v5.15-rc1.\n\nAs described in commit d9820ff after switch pgtable_t back to struct\npage *, a pointer to \"struct page\" and appropriate functions are used to\nallocate and free a memory page for PTEs, but the pmd_pgtable macro hasn\u0027t\nchanged and returns the direct virtual address from the PMD (PGD) entry.\nThan this address used as a parameter in the __pte_free() and as a result\nthis function couldn\u0027t release memory page allocated for PTEs.\n\nFix this issue by changing the pmd_pgtable macro and returning pointer to\nstruct page.",
  "id": "GHSA-wpvw-hhw9-p3qj",
  "modified": "2026-01-16T21:30:28Z",
  "published": "2025-10-01T12:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50446"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/14009ada5712649589ab4ad0441b811780ea8773"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4fd9df10cb7a9289fbd22d669f9f98164d95a1ce"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d83a69966e8b6ae9dd447f3ac704c0223bceb7f7"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WQ62-9P2F-CFR9

Vulnerability from github – Published: 2025-10-04 18:31 – Updated: 2026-01-23 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

rtc: class: Fix potential memleak in devm_rtc_allocate_device()

devm_rtc_allocate_device() will alloc a rtc_device first, and then run dev_set_name(). If dev_set_name() failed, the rtc_device will memleak. Move devm_add_action_or_reset() in front of dev_set_name() to prevent memleak.

unreferenced object 0xffff888110a53000 (size 2048): comm "python3", pid 470, jiffies 4296078308 (age 58.882s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 08 30 a5 10 81 88 ff ff .........0...... 08 30 a5 10 81 88 ff ff 00 00 00 00 00 00 00 00 .0.............. backtrace: [<000000004aac0364>] kmalloc_trace+0x21/0x110 [<000000000ff02202>] devm_rtc_allocate_device+0xd4/0x400 [<000000001bdf5639>] devm_rtc_device_register+0x1a/0x80 [<00000000351bf81c>] rx4581_probe+0xdd/0x110 [rtc_rx4581] [<00000000f0eba0ae>] spi_probe+0xde/0x130 [<00000000bff89ee8>] really_probe+0x175/0x3f0 [<00000000128e8d84>] __driver_probe_device+0xe6/0x170 [<00000000ee5bf913>] device_driver_attach+0x32/0x80 [<00000000f3f28f92>] bind_store+0x10b/0x1a0 [<000000009ff812d8>] drv_attr_store+0x49/0x70 [<000000008139c323>] sysfs_kf_write+0x8d/0xb0 [<00000000b6146e01>] kernfs_fop_write_iter+0x214/0x2d0 [<00000000ecbe3895>] vfs_write+0x61a/0x7d0 [<00000000aa2196ea>] ksys_write+0xc8/0x190 [<0000000046a600f5>] do_syscall_64+0x37/0x90 [<00000000541a336f>] entry_SYSCALL_64_after_hwframe+0x63/0xcd

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-50477"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-04T16:15:44Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtc: class: Fix potential memleak in devm_rtc_allocate_device()\n\ndevm_rtc_allocate_device() will alloc a rtc_device first, and then run\ndev_set_name(). If dev_set_name() failed, the rtc_device will memleak.\nMove devm_add_action_or_reset() in front of dev_set_name() to prevent\nmemleak.\n\nunreferenced object 0xffff888110a53000 (size 2048):\n  comm \"python3\", pid 470, jiffies 4296078308 (age 58.882s)\n  hex dump (first 32 bytes):\n    00 00 00 00 00 00 00 00 08 30 a5 10 81 88 ff ff  .........0......\n    08 30 a5 10 81 88 ff ff 00 00 00 00 00 00 00 00  .0..............\n  backtrace:\n    [\u003c000000004aac0364\u003e] kmalloc_trace+0x21/0x110\n    [\u003c000000000ff02202\u003e] devm_rtc_allocate_device+0xd4/0x400\n    [\u003c000000001bdf5639\u003e] devm_rtc_device_register+0x1a/0x80\n    [\u003c00000000351bf81c\u003e] rx4581_probe+0xdd/0x110 [rtc_rx4581]\n    [\u003c00000000f0eba0ae\u003e] spi_probe+0xde/0x130\n    [\u003c00000000bff89ee8\u003e] really_probe+0x175/0x3f0\n    [\u003c00000000128e8d84\u003e] __driver_probe_device+0xe6/0x170\n    [\u003c00000000ee5bf913\u003e] device_driver_attach+0x32/0x80\n    [\u003c00000000f3f28f92\u003e] bind_store+0x10b/0x1a0\n    [\u003c000000009ff812d8\u003e] drv_attr_store+0x49/0x70\n    [\u003c000000008139c323\u003e] sysfs_kf_write+0x8d/0xb0\n    [\u003c00000000b6146e01\u003e] kernfs_fop_write_iter+0x214/0x2d0\n    [\u003c00000000ecbe3895\u003e] vfs_write+0x61a/0x7d0\n    [\u003c00000000aa2196ea\u003e] ksys_write+0xc8/0x190\n    [\u003c0000000046a600f5\u003e] do_syscall_64+0x37/0x90\n    [\u003c00000000541a336f\u003e] entry_SYSCALL_64_after_hwframe+0x63/0xcd",
  "id": "GHSA-wq62-9p2f-cfr9",
  "modified": "2026-01-23T18:31:23Z",
  "published": "2025-10-04T18:31:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50477"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0bcfc8fd3e596994f527b46730579428b3a4fa5f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/59457a0f079eae19aaf322b3cc1c8ba66f55c5f3"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/60da73808298ff2cfa9f165d55eb3d7aa7078601"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WQ78-4W69-8M35

Vulnerability from github – Published: 2026-05-06 12:30 – Updated: 2026-05-11 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

media: iris: gen2: Add sanity check for session stop

In iris_kill_session, inst->state is set to IRIS_INST_ERROR and session_close is executed, which will kfree(inst_hfi_gen2->packet). If stop_streaming is called afterward, it will cause a crash.

Add a NULL check for inst_hfi_gen2->packet before sendling STOP packet to firmware to fix that.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-43217"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-06T12:16:41Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: iris: gen2: Add sanity check for session stop\n\nIn iris_kill_session, inst-\u003estate is set to IRIS_INST_ERROR and\nsession_close is executed, which will kfree(inst_hfi_gen2-\u003epacket).\nIf stop_streaming is called afterward, it will cause a crash.\n\nAdd a NULL check for inst_hfi_gen2-\u003epacket before sendling STOP packet\nto firmware to fix that.",
  "id": "GHSA-wq78-4w69-8m35",
  "modified": "2026-05-11T21:31:31Z",
  "published": "2026-05-06T12:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43217"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/72846441c5f6396de9face04e77fa3d28e9915b6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/75992ba43072674fd4767df62a1fe2048565cc60"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9aa8d63d09cfc44d879427cc5ba308012ca4ab8e"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WQR7-3RHV-2C6R

Vulnerability from github – Published: 2025-05-01 15:31 – Updated: 2025-11-03 15:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

rethook: fix a potential memleak in rethook_alloc()

In rethook_alloc(), the variable rh is not freed or passed out if handler is NULL, which could lead to a memleak, fix it.

[Masami: Add "rethook:" tag to the title.]

Acke-by: Masami Hiramatsu (Google) mhiramat@kernel.org

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-49795"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-01T15:16:02Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nrethook: fix a potential memleak in rethook_alloc()\n\nIn rethook_alloc(), the variable rh is not freed or passed out\nif handler is NULL, which could lead to a memleak, fix it.\n\n[Masami: Add \"rethook:\" tag to the title.]\n\nAcke-by: Masami Hiramatsu (Google) \u003cmhiramat@kernel.org\u003e",
  "id": "GHSA-wqr7-3rhv-2c6r",
  "modified": "2025-11-03T15:30:27Z",
  "published": "2025-05-01T15:31:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49795"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0a1ebe35cb3b7aa1f4b26b37e2a0b9ae68dc4ffb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cbc5d1f9a8cc40ba2bc6779b36d2ea1f65bc027c"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WQRM-FG5Q-J57M

Vulnerability from github – Published: 2024-10-21 21:30 – Updated: 2024-10-25 15:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

can: can327: can327_feed_frame_to_netdev(): fix potential skb leak when netdev is down

In can327_feed_frame_to_netdev(), it did not free the skb when netdev is down, and all callers of can327_feed_frame_to_netdev() did not free allocated skb too. That would trigger skb leak.

Fix it by adding kfree_skb() in can327_feed_frame_to_netdev() when netdev is down. Not tested, just compiled.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-49008"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-21T20:15:12Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: can327: can327_feed_frame_to_netdev(): fix potential skb leak when netdev is down\n\nIn can327_feed_frame_to_netdev(), it did not free the skb when netdev\nis down, and all callers of can327_feed_frame_to_netdev() did not free\nallocated skb too. That would trigger skb leak.\n\nFix it by adding kfree_skb() in can327_feed_frame_to_netdev() when netdev\nis down. Not tested, just compiled.",
  "id": "GHSA-wqrm-fg5q-j57m",
  "modified": "2024-10-25T15:31:26Z",
  "published": "2024-10-21T21:30:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49008"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/797b1d9fc0e1f4351e4ad49b078c1a3cdc0d4a08"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8fa452cfafed521aaf5a18c71003fe24b1ee6141"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WQVF-M58C-H7RW

Vulnerability from github – Published: 2025-03-04 21:30 – Updated: 2025-03-04 21:30
VLAI
Details

On affected platforms running Arista EOS with BGP Link State configured, BGP peer flap can cause the BGP agent to leak memory. This may result in BGP routing processing being terminated and route flapping.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-9135"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-04T21:15:12Z",
    "severity": "MODERATE"
  },
  "details": "On affected platforms running Arista EOS with BGP Link State configured, BGP peer flap can cause the BGP agent to leak memory. This may result in BGP routing processing being terminated and route flapping.",
  "id": "GHSA-wqvf-m58c-h7rw",
  "modified": "2025-03-04T21:30:58Z",
  "published": "2025-03-04T21:30:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9135"
    },
    {
      "type": "WEB",
      "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/21092-security-advisory-0110"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WR5G-85MP-25C9

Vulnerability from github – Published: 2024-05-21 15:31 – Updated: 2024-12-30 21:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

net: ipv4: fix memory leak in netlbl_cipsov4_add_std

Reported by syzkaller: BUG: memory leak unreferenced object 0xffff888105df7000 (size 64): comm "syz-executor842", pid 360, jiffies 4294824824 (age 22.546s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000e67ed558>] kmalloc include/linux/slab.h:590 [inline] [<00000000e67ed558>] kzalloc include/linux/slab.h:720 [inline] [<00000000e67ed558>] netlbl_cipsov4_add_std net/netlabel/netlabel_cipso_v4.c:145 [inline] [<00000000e67ed558>] netlbl_cipsov4_add+0x390/0x2340 net/netlabel/netlabel_cipso_v4.c:416 [<0000000006040154>] genl_family_rcv_msg_doit.isra.0+0x20e/0x320 net/netlink/genetlink.c:739 [<00000000204d7a1c>] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline] [<00000000204d7a1c>] genl_rcv_msg+0x2bf/0x4f0 net/netlink/genetlink.c:800 [<00000000c0d6a995>] netlink_rcv_skb+0x134/0x3d0 net/netlink/af_netlink.c:2504 [<00000000d78b9d2c>] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811 [<000000009733081b>] netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline] [<000000009733081b>] netlink_unicast+0x4a0/0x6a0 net/netlink/af_netlink.c:1340 [<00000000d5fd43b8>] netlink_sendmsg+0x789/0xc70 net/netlink/af_netlink.c:1929 [<000000000a2d1e40>] sock_sendmsg_nosec net/socket.c:654 [inline] [<000000000a2d1e40>] sock_sendmsg+0x139/0x170 net/socket.c:674 [<00000000321d1969>] _syssendmsg+0x658/0x7d0 net/socket.c:2350 [<00000000964e16bc>] _sys_sendmsg+0xf8/0x170 net/socket.c:2404 [<000000001615e288>] __sys_sendmsg+0xd3/0x190 net/socket.c:2433 [<000000004ee8b6a5>] do_syscall_64+0x37/0x90 arch/x86/entry/common.c:47 [<00000000171c7cee>] entry_SYSCALL_64_after_hwframe+0x44/0xae

The memory of doi_def->map.std pointing is allocated in netlbl_cipsov4_add_std, but no place has freed it. It should be freed in cipso_v4_doi_free which frees the cipso DOI resource.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-47250"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-21T15:15:13Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv4: fix memory leak in netlbl_cipsov4_add_std\n\nReported by syzkaller:\nBUG: memory leak\nunreferenced object 0xffff888105df7000 (size 64):\ncomm \"syz-executor842\", pid 360, jiffies 4294824824 (age 22.546s)\nhex dump (first 32 bytes):\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\nbacktrace:\n[\u003c00000000e67ed558\u003e] kmalloc include/linux/slab.h:590 [inline]\n[\u003c00000000e67ed558\u003e] kzalloc include/linux/slab.h:720 [inline]\n[\u003c00000000e67ed558\u003e] netlbl_cipsov4_add_std net/netlabel/netlabel_cipso_v4.c:145 [inline]\n[\u003c00000000e67ed558\u003e] netlbl_cipsov4_add+0x390/0x2340 net/netlabel/netlabel_cipso_v4.c:416\n[\u003c0000000006040154\u003e] genl_family_rcv_msg_doit.isra.0+0x20e/0x320 net/netlink/genetlink.c:739\n[\u003c00000000204d7a1c\u003e] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n[\u003c00000000204d7a1c\u003e] genl_rcv_msg+0x2bf/0x4f0 net/netlink/genetlink.c:800\n[\u003c00000000c0d6a995\u003e] netlink_rcv_skb+0x134/0x3d0 net/netlink/af_netlink.c:2504\n[\u003c00000000d78b9d2c\u003e] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811\n[\u003c000000009733081b\u003e] netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline]\n[\u003c000000009733081b\u003e] netlink_unicast+0x4a0/0x6a0 net/netlink/af_netlink.c:1340\n[\u003c00000000d5fd43b8\u003e] netlink_sendmsg+0x789/0xc70 net/netlink/af_netlink.c:1929\n[\u003c000000000a2d1e40\u003e] sock_sendmsg_nosec net/socket.c:654 [inline]\n[\u003c000000000a2d1e40\u003e] sock_sendmsg+0x139/0x170 net/socket.c:674\n[\u003c00000000321d1969\u003e] ____sys_sendmsg+0x658/0x7d0 net/socket.c:2350\n[\u003c00000000964e16bc\u003e] ___sys_sendmsg+0xf8/0x170 net/socket.c:2404\n[\u003c000000001615e288\u003e] __sys_sendmsg+0xd3/0x190 net/socket.c:2433\n[\u003c000000004ee8b6a5\u003e] do_syscall_64+0x37/0x90 arch/x86/entry/common.c:47\n[\u003c00000000171c7cee\u003e] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nThe memory of doi_def-\u003emap.std pointing is allocated in\nnetlbl_cipsov4_add_std, but no place has freed it. It should be\nfreed in cipso_v4_doi_free which frees the cipso DOI resource.",
  "id": "GHSA-wr5g-85mp-25c9",
  "modified": "2024-12-30T21:30:46Z",
  "published": "2024-05-21T15:31:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47250"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/086e92b1d68c6338535f715aad173f8cf4bfbc8c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0ffb460be3abac86f884a8c548bb02724ec370f4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/212166510582631994be4f4b3fe15e10a03c1dd4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/398a24447eb60f060c8994221cb5ae6caf355fa1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5340858147e3dc60913fb3dd0cbb758ec4a26e66"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6dcea66d3bb519b426282588f38e884e07893c1f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d612c3f3fae221e7ea736d196581c2217304bbbc"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/deeeb65c6ee404f2d1fb80b38b2730645c0f4663"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WR7H-5WM3-P3H4

Vulnerability from github – Published: 2022-07-29 00:00 – Updated: 2022-08-05 00:00
VLAI
Details

SDL v1.2 was discovered to contain a use-after-free via the XFree function at /src/video/x11/SDL_x11yuv.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-34568"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-07-28T22:15:00Z",
    "severity": "HIGH"
  },
  "details": "SDL v1.2 was discovered to contain a use-after-free via the XFree function at /src/video/x11/SDL_x11yuv.c.",
  "id": "GHSA-wr7h-5wm3-p3h4",
  "modified": "2022-08-05T00:00:26Z",
  "published": "2022-07-29T00:00:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34568"
    },
    {
      "type": "WEB",
      "url": "https://github.com/libsdl-org/SDL-1.2/issues/863"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202305-17"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WR8G-5RGR-H9P9

Vulnerability from github – Published: 2025-09-16 15:32 – Updated: 2025-12-02 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

clk: imx: clk-imxrt1050: fix memory leak in imxrt1050_clocks_probe

Use devm_of_iomap() instead of of_iomap() to automatically handle the unused ioremap region. If any error occurs, regions allocated by kzalloc() will leak, but using devm_kzalloc() instead will automatically free the memory using devm_kfree().

Also, fix error handling of hws by adding unregister_hws label, which unregisters remaining hws when iomap failed.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-53264"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-16T08:15:35Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: imx: clk-imxrt1050: fix memory leak in imxrt1050_clocks_probe\n\nUse devm_of_iomap() instead of of_iomap() to automatically\nhandle the unused ioremap region. If any error occurs, regions allocated by\nkzalloc() will leak, but using devm_kzalloc() instead will automatically\nfree the memory using devm_kfree().\n\nAlso, fix error handling of hws by adding unregister_hws label, which\nunregisters remaining hws when iomap failed.",
  "id": "GHSA-wr8g-5rgr-h9p9",
  "modified": "2025-12-02T21:31:26Z",
  "published": "2025-09-16T15:32:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53264"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/02e54db221bb001b32f839e0149ee8d890ab9aa1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0fbdfd2542252e4c02e8158a06b7c0c9cfd40f99"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1839032251a66f2ae5a043c495532830a55d28c4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1b280598ab3bd8a2dc8b96a12530d5b1ee7a8f4a"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WV38-QG96-RHR3

Vulnerability from github – Published: 2025-09-23 15:31 – Updated: 2025-09-23 15:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

memstick/mspro_block: fix handling of read-only devices

Use set_disk_ro to propagate the read-only state to the block layer instead of checking for it in ->open and leaking a reference in case of a read-only device.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-49178"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-26T07:00:54Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemstick/mspro_block: fix handling of read-only devices\n\nUse set_disk_ro to propagate the read-only state to the block layer\ninstead of checking for it in -\u003eopen and leaking a reference in case\nof a read-only device.",
  "id": "GHSA-wv38-qg96-rhr3",
  "modified": "2025-09-23T15:31:08Z",
  "published": "2025-09-23T15:31:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49178"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/057b53c4f87690d626203acef8b63d52a9bf2f43"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6a0725b9d78ff6efdc95a37e4f05072e79c63918"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6dab421bfe06a59bf8f212a72e34673e8acf2018"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-41
Implementation

Strategy: Libraries or Frameworks

  • Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
  • For example, glibc in Linux provides protection against free of invalid pointers.
  • When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
  • To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Architecture and Design

Use an abstraction library to abstract away risky APIs. Not a complete solution.

Mitigation
Architecture and Design Build and Compilation

Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.

No CAPEC attack patterns related to this CWE.