Common Weakness Enumeration

CWE-401

Allowed

Missing Release of Memory after Effective Lifetime

Abstraction: Variant · Status: Draft

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

2002 vulnerabilities reference this CWE, most recent first.

GHSA-X3CP-9CGR-M6GC

Vulnerability from github – Published: 2024-05-17 15:31 – Updated: 2025-09-19 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

KVM: x86: Mark target gfn of emulated atomic instruction as dirty

When emulating an atomic access on behalf of the guest, mark the target gfn dirty if the CMPXCHG by KVM is attempted and doesn't fault. This fixes a bug where KVM effectively corrupts guest memory during live migration by writing to guest memory without informing userspace that the page is dirty.

Marking the page dirty got unintentionally dropped when KVM's emulated CMPXCHG was converted to do a user access. Before that, KVM explicitly mapped the guest page into kernel memory, and marked the page dirty during the unmap phase.

Mark the page dirty even if the CMPXCHG fails, as the old data is written back on failure, i.e. the page is still written. The value written is guaranteed to be the same because the operation is atomic, but KVM's ABI is that all writes are dirty logged regardless of the value written. And more importantly, that's what KVM did before the buggy commit.

Huge kudos to the folks on the Cc list (and many others), who did all the actual work of triaging and debugging.

base-commit: 6769ea8da8a93ed4630f1ce64df6aafcaabfce64

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-35804"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-17T14:15:13Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Mark target gfn of emulated atomic instruction as dirty\n\nWhen emulating an atomic access on behalf of the guest, mark the target\ngfn dirty if the CMPXCHG by KVM is attempted and doesn\u0027t fault.  This\nfixes a bug where KVM effectively corrupts guest memory during live\nmigration by writing to guest memory without informing userspace that the\npage is dirty.\n\nMarking the page dirty got unintentionally dropped when KVM\u0027s emulated\nCMPXCHG was converted to do a user access.  Before that, KVM explicitly\nmapped the guest page into kernel memory, and marked the page dirty during\nthe unmap phase.\n\nMark the page dirty even if the CMPXCHG fails, as the old data is written\nback on failure, i.e. the page is still written.  The value written is\nguaranteed to be the same because the operation is atomic, but KVM\u0027s ABI\nis that all writes are dirty logged regardless of the value written.  And\nmore importantly, that\u0027s what KVM did before the buggy commit.\n\nHuge kudos to the folks on the Cc list (and many others), who did all the\nactual work of triaging and debugging.\n\nbase-commit: 6769ea8da8a93ed4630f1ce64df6aafcaabfce64",
  "id": "GHSA-x3cp-9cgr-m6gc",
  "modified": "2025-09-19T18:31:17Z",
  "published": "2024-05-17T15:31:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35804"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/225d587a073584946c05c9b7651d637bd45c0c71"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/726374dde5d608b15b9756bd52b6fc283fda7a06"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/910c57dfa4d113aae6571c2a8b9ae8c430975902"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9d1b22e573a3789ed1f32033ee709106993ba551"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a9bd6bb6f02bf7132c1ab192ba62bbfa52df7d66"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X3WV-3WJ6-MVVV

Vulnerability from github – Published: 2026-05-27 15:33 – Updated: 2026-06-16 03:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: Fix memory leak in amdgpu_ras_init()

When amdgpu_nbio_ras_sw_init() fails in amdgpu_ras_init(), the function returns directly without freeing the allocated con structure, leading to a memory leak.

Fix this by jumping to the release_con label to properly clean up the allocated memory before returning the error code.

Compile tested only. Issue found using a prototype static analysis tool and code review.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-45976"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-27T14:17:14Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix memory leak in amdgpu_ras_init()\n\nWhen amdgpu_nbio_ras_sw_init() fails in amdgpu_ras_init(), the function\nreturns directly without freeing the allocated con structure, leading\nto a memory leak.\n\nFix this by jumping to the release_con label to properly clean up the\nallocated memory before returning the error code.\n\nCompile tested only. Issue found using a prototype static analysis tool\nand code review.",
  "id": "GHSA-x3wv-3wj6-mvvv",
  "modified": "2026-06-16T03:30:33Z",
  "published": "2026-05-27T15:33:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45976"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2fef8c2ac67e7c1b0409d23653300b134c63e54c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3f43e7812b30d6b2e850218f9bb1dae60727fcef"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c11cd77a18115d2cd3f4b6915c4a537b6042f950"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ee41e5b63c8210525c936ee637a2c8d185ce873c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f8a5426652bdadd4a5cb48326d48abbdfebe8153"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X3XW-8J27-57GC

Vulnerability from github – Published: 2025-05-01 15:31 – Updated: 2025-05-07 15:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

net: marvell: prestera: fix memory leak in prestera_rxtx_switch_init()

When prestera_sdma_switch_init() failed, the memory pointed to by sw->rxtx isn't released. Fix it. Only be compiled, not be tested.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-49857"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-01T15:16:09Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: marvell: prestera: fix memory leak in prestera_rxtx_switch_init()\n\nWhen prestera_sdma_switch_init() failed, the memory pointed to by\nsw-\u003erxtx isn\u0027t released. Fix it. Only be compiled, not be tested.",
  "id": "GHSA-x3xw-8j27-57gc",
  "modified": "2025-05-07T15:31:25Z",
  "published": "2025-05-01T15:31:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49857"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/31e5084ac6876e52dbb0a1cc4fc18b6c79979f31"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/409731df6310a33f4d0a3ef594d2410cdcd637f2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/519b58bbfa825f042fcf80261cc18e1e35f85ffd"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5333cf1b7f6861912aff6263978d4781f9858e47"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X45P-M5JM-48HC

Vulnerability from github – Published: 2025-10-23 18:31 – Updated: 2025-10-23 18:31
VLAI
Details

FontForge v20230101 was discovered to contain a memory leak via the utf7toutf8_copy function at /fontforge/sfd.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-50951"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-23T16:16:33Z",
    "severity": "HIGH"
  },
  "details": "FontForge v20230101 was discovered to contain a memory leak via the utf7toutf8_copy function at /fontforge/sfd.c.",
  "id": "GHSA-x45p-m5jm-48hc",
  "modified": "2025-10-23T18:31:14Z",
  "published": "2025-10-23T18:31:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-50951"
    },
    {
      "type": "WEB",
      "url": "https://github.com/fontforge/fontforge/pull/5495"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X4V9-V29C-XH9H

Vulnerability from github – Published: 2026-05-27 15:33 – Updated: 2026-06-25 15:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

media: chips-media: wave5: Fix memory leak on codec_info allocation failure

In wave5_vpu_open_enc() and wave5_vpu_open_dec(), a vpu instance is allocated via kzalloc(). If the subsequent allocation for inst->codec_info fails, the functions return -ENOMEM without freeing the previously allocated instance, causing a memory leak.

Fix this by calling kfree() on the instance in this error path to ensure it is properly released.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-45928"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-27T14:17:08Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: chips-media: wave5: Fix memory leak on codec_info allocation failure\n\nIn wave5_vpu_open_enc() and wave5_vpu_open_dec(), a vpu instance is\nallocated via kzalloc(). If the subsequent allocation for inst-\u003ecodec_info\nfails, the functions return -ENOMEM without freeing the previously\nallocated instance, causing a memory leak.\n\nFix this by calling kfree() on the instance in this error path to ensure\nit is properly released.",
  "id": "GHSA-x4v9-v29c-xh9h",
  "modified": "2026-06-25T15:31:43Z",
  "published": "2026-05-27T15:33:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45928"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1de71556cbd6e1d0d26fb86b9b3bb8caa0df8495"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/32e9e45cf7e3422d21fa64535588d3572faf71c3"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/52defdd4034db1a34bb48006f889d66a3629224b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a519e21e32398459ba357e67b541402f7295ee1b"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X54V-QXXR-93QC

Vulnerability from github – Published: 2021-08-25 20:45 – Updated: 2023-06-13 20:38
VLAI
Summary
Missing release of memory in sized-chunks
Details

Chunk:

  • Array size is not checked when constructed with unit() and pair().
  • Array size is not checked when constructed with From>.
  • Clone and insert_from are not panic-safe; A panicking iterator causes memory safety issues with them.

InlineArray:

  • Generates unaligned references for types with a large alignment requirement.
Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "sized-chunks"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.6.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-25795"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-08-19T21:21:52Z",
    "nvd_published_at": "2020-09-19T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "Chunk:\n\n* Array size is not checked when constructed with unit() and pair().\n* Array size is not checked when constructed with From\u003cInlineArray\u003cA, T\u003e\u003e.\n* Clone and insert_from are not panic-safe; A panicking iterator causes memory safety issues with them.\n\nInlineArray:\n\n* Generates unaligned references for types with a large alignment requirement.\n",
  "id": "GHSA-x54v-qxxr-93qc",
  "modified": "2023-06-13T20:38:08Z",
  "published": "2021-08-25T20:45:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25795"
    },
    {
      "type": "WEB",
      "url": "https://github.com/bodil/sized-chunks/issues/11"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/bodil/sized-chunks"
    },
    {
      "type": "WEB",
      "url": "https://rustsec.org/advisories/RUSTSEC-2020-0041.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Missing release of memory in sized-chunks"
}

GHSA-X55J-XPQJ-9HR9

Vulnerability from github – Published: 2025-09-16 18:31 – Updated: 2025-12-02 00:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

net: hns: fix possible memory leak in hnae_ae_register()

Inject fault while probing module, if device_register() fails, but the refcount of kobject is not decreased to 0, the name allocated in dev_set_name() is leaked. Fix this by calling put_device(), so that name can be freed in callback function kobject_cleanup().

unreferenced object 0xffff00c01aba2100 (size 128): comm "systemd-udevd", pid 1259, jiffies 4294903284 (age 294.152s) hex dump (first 32 bytes): 68 6e 61 65 30 00 00 00 18 21 ba 1a c0 00 ff ff hnae0....!...... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<0000000034783f26>] slab_post_alloc_hook+0xa0/0x3e0 [<00000000748188f2>] __kmem_cache_alloc_node+0x164/0x2b0 [<00000000ab0743e8>] __kmalloc_node_track_caller+0x6c/0x390 [<000000006c0ffb13>] kvasprintf+0x8c/0x118 [<00000000fa27bfe1>] kvasprintf_const+0x60/0xc8 [<0000000083e10ed7>] kobject_set_name_vargs+0x3c/0xc0 [<000000000b87affc>] dev_set_name+0x7c/0xa0 [<000000003fd8fe26>] hnae_ae_register+0xcc/0x190 [hnae] [<00000000fe97edc9>] hns_dsaf_ae_init+0x9c/0x108 [hns_dsaf] [<00000000c36ff1eb>] hns_dsaf_probe+0x548/0x748 [hns_dsaf]

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-50352"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-16T17:15:35Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns: fix possible memory leak in hnae_ae_register()\n\nInject fault while probing module, if device_register() fails,\nbut the refcount of kobject is not decreased to 0, the name\nallocated in dev_set_name() is leaked. Fix this by calling\nput_device(), so that name can be freed in callback function\nkobject_cleanup().\n\nunreferenced object 0xffff00c01aba2100 (size 128):\n  comm \"systemd-udevd\", pid 1259, jiffies 4294903284 (age 294.152s)\n  hex dump (first 32 bytes):\n    68 6e 61 65 30 00 00 00 18 21 ba 1a c0 00 ff ff  hnae0....!......\n    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n  backtrace:\n    [\u003c0000000034783f26\u003e] slab_post_alloc_hook+0xa0/0x3e0\n    [\u003c00000000748188f2\u003e] __kmem_cache_alloc_node+0x164/0x2b0\n    [\u003c00000000ab0743e8\u003e] __kmalloc_node_track_caller+0x6c/0x390\n    [\u003c000000006c0ffb13\u003e] kvasprintf+0x8c/0x118\n    [\u003c00000000fa27bfe1\u003e] kvasprintf_const+0x60/0xc8\n    [\u003c0000000083e10ed7\u003e] kobject_set_name_vargs+0x3c/0xc0\n    [\u003c000000000b87affc\u003e] dev_set_name+0x7c/0xa0\n    [\u003c000000003fd8fe26\u003e] hnae_ae_register+0xcc/0x190 [hnae]\n    [\u003c00000000fe97edc9\u003e] hns_dsaf_ae_init+0x9c/0x108 [hns_dsaf]\n    [\u003c00000000c36ff1eb\u003e] hns_dsaf_probe+0x548/0x748 [hns_dsaf]",
  "id": "GHSA-x55j-xpqj-9hr9",
  "modified": "2025-12-02T00:31:10Z",
  "published": "2025-09-16T18:31:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50352"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/02dc0db19d944b4a90941db505ecf1aaec714be4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2974f3b330ef25f5d34a4948d04290c2cd7802cf"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3b78453cca046d3b03853f0d077ad3ad130db886"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7ae1345f6ad715acbcdc9e1ac28153684fd498bb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/91f8f5342bee726ed5692583d58f69e7cc9ae60e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a3c148955c22fe1d94d7a2096005679c1f22eddf"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/dfc0337c6dceb6449403b33ecb141f4a1458a1e9"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ff2f5ec5d009844ec28f171123f9e58750cef4bf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X57G-X9FG-576H

Vulnerability from github – Published: 2024-02-29 03:33 – Updated: 2024-08-28 18:31
VLAI
Details

Bento4 v1.5.1-628 contains a Memory leak on AP4_Movie::AP4_Movie, parsing tracks and added into m_Tracks list, but mp42aac cannot correctly delete when we got an no audio track found error. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted mp4 file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-24155"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-29T01:44:11Z",
    "severity": "MODERATE"
  },
  "details": "Bento4 v1.5.1-628 contains a Memory leak on AP4_Movie::AP4_Movie, parsing tracks and added into m_Tracks list, but mp42aac cannot correctly delete when we got an no audio track found error. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted mp4 file.",
  "id": "GHSA-x57g-x9fg-576h",
  "modified": "2024-08-28T18:31:53Z",
  "published": "2024-02-29T03:33:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24155"
    },
    {
      "type": "WEB",
      "url": "https://github.com/axiomatic-systems/Bento4/issues/919"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X58G-PGF5-4JP7

Vulnerability from github – Published: 2024-05-19 09:34 – Updated: 2025-12-23 21:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

of: dynamic: Synchronize of_changeset_destroy() with the devlink removals

In the following sequence: 1) of_platform_depopulate() 2) of_overlay_remove()

During the step 1, devices are destroyed and devlinks are removed. During the step 2, OF nodes are destroyed but __of_changeset_entry_destroy() can raise warnings related to missing of_node_put(): ERROR: memory leak, expected refcount 1 instead of 2 ...

Indeed, during the devlink removals performed at step 1, the removal itself releasing the device (and the attached of_node) is done by a job queued in a workqueue and so, it is done asynchronously with respect to function calls. When the warning is present, of_node_put() will be called but wrongly too late from the workqueue job.

In order to be sure that any ongoing devlink removals are done before the of_node destruction, synchronize the of_changeset_destroy() with the devlink removals.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-35879"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-19T09:15:09Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nof: dynamic: Synchronize of_changeset_destroy() with the devlink removals\n\nIn the following sequence:\n  1) of_platform_depopulate()\n  2) of_overlay_remove()\n\nDuring the step 1, devices are destroyed and devlinks are removed.\nDuring the step 2, OF nodes are destroyed but\n__of_changeset_entry_destroy() can raise warnings related to missing\nof_node_put():\n  ERROR: memory leak, expected refcount 1 instead of 2 ...\n\nIndeed, during the devlink removals performed at step 1, the removal\nitself releasing the device (and the attached of_node) is done by a job\nqueued in a workqueue and so, it is done asynchronously with respect to\nfunction calls.\nWhen the warning is present, of_node_put() will be called but wrongly\ntoo late from the workqueue job.\n\nIn order to be sure that any ongoing devlink removals are done before\nthe of_node destruction, synchronize the of_changeset_destroy() with the\ndevlink removals.",
  "id": "GHSA-x58g-pgf5-4jp7",
  "modified": "2025-12-23T21:30:18Z",
  "published": "2024-05-19T09:34:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35879"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3127b2ee50c424a96eb3559fbb7b43cf0b111c7a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3ee2424107546d882e1ddd75333ca9c32879908c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7b6df050c45a1ea158fd50bc32a8e1447dd1e951"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/801c8b8ec5bfb3519566dff16a5ecd48302fca82"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8917e7385346bd6584890ed362985c219fe6ae84"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ae6d76e4f06c37a623e357e79d49b17411db6f5c"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X63H-X8XW-CQ89

Vulnerability from github – Published: 2022-05-24 19:19 – Updated: 2022-05-24 19:19
VLAI
Details

There is a Memory leaks vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-36993"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119",
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-10-28T13:15:00Z",
    "severity": "HIGH"
  },
  "details": "There is a Memory leaks vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.",
  "id": "GHSA-x63h-x8xw-cq89",
  "modified": "2022-05-24T19:19:05Z",
  "published": "2022-05-24T19:19:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36993"
    },
    {
      "type": "WEB",
      "url": "https://consumer.huawei.com/en/support/bulletin/2021/7"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-41
Implementation

Strategy: Libraries or Frameworks

  • Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
  • For example, glibc in Linux provides protection against free of invalid pointers.
  • When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
  • To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Architecture and Design

Use an abstraction library to abstract away risky APIs. Not a complete solution.

Mitigation
Architecture and Design Build and Compilation

Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.

No CAPEC attack patterns related to this CWE.