Common Weakness Enumeration

CWE-401

Allowed

Missing Release of Memory after Effective Lifetime

Abstraction: Variant · Status: Draft

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

2002 vulnerabilities reference this CWE, most recent first.

GHSA-3W59-VX6F-4274

Vulnerability from github – Published: 2024-05-21 15:31 – Updated: 2025-04-29 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

net: cdc_eem: fix tx fixup skb leak

when usbnet transmit a skb, eem fixup it in eem_tx_fixup(), if skb_copy_expand() failed, it return NULL, usbnet_start_xmit() will have no chance to free original skb.

fix it by free orginal skb in eem_tx_fixup() first, then check skb clone status, if failed, return NULL to usbnet.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-47236"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-21T15:15:12Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: cdc_eem: fix tx fixup skb leak\n\nwhen usbnet transmit a skb, eem fixup it in eem_tx_fixup(),\nif skb_copy_expand() failed, it return NULL,\nusbnet_start_xmit() will have no chance to free original skb.\n\nfix it by free orginal skb in eem_tx_fixup() first,\nthen check skb clone status, if failed, return NULL to usbnet.",
  "id": "GHSA-3w59-vx6f-4274",
  "modified": "2025-04-29T21:31:35Z",
  "published": "2024-05-21T15:31:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47236"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/05b2b9f7d24b5663d9b47427fe1555bdafd3ea02"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/14184ec5c958b589ba934da7363a2877879204df"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1bcacd6088d61c0ac6a990d87975600a81f3247e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/81de2ed06df8b5451e050fe6a318af3263dbff3f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b4f7a9fc9d094c0c4a66f2ad7c37b1dbe9e78f88"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c3b26fdf1b32f91c7a3bc743384b4a298ab53ad7"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f12554b0ff639e74612cc01b3b4a049e098d2d65"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f4e6a7f19c82f39b1803e91c54718f0d7143767d"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3W79-77CJ-G7X9

Vulnerability from github – Published: 2026-07-15 12:32 – Updated: 2026-07-15 12:32
VLAI
Details

ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in the hough lines operation: when a specific operation fails, a small memory leak occurs.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-61865"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-07-15T12:18:21Z",
    "severity": "LOW"
  },
  "details": "ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in the hough lines operation: when a specific operation fails, a small memory leak occurs.",
  "id": "GHSA-3w79-77cj-g7x9",
  "modified": "2026-07-15T12:32:05Z",
  "published": "2026-07-15T12:32:05Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j8rh-v2r8-v94x"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-61865"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/imagemagick-before-26-memory-leak-in-hough-lines"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-3W87-FGR4-8M86

Vulnerability from github – Published: 2022-05-24 19:03 – Updated: 2022-05-24 19:03
VLAI
Details

Denial of Service issue in FFmpeg 4.2 due to resource management errors via fftools/cmdutils.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-20451"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-05-25T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "Denial of Service issue in FFmpeg 4.2 due to resource management errors via fftools/cmdutils.c.",
  "id": "GHSA-3w87-fgr4-8m86",
  "modified": "2022-05-24T19:03:10Z",
  "published": "2022-05-24T19:03:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-20451"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html"
    },
    {
      "type": "WEB",
      "url": "https://trac.ffmpeg.org/ticket/8094"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-3W9P-MC8R-HC9P

Vulnerability from github – Published: 2022-05-13 01:21 – Updated: 2022-05-13 01:21
VLAI
Details

In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the function ReadMPCImage of coders/mpc.c, which allows attackers to cause a denial of service via a crafted image file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-11010"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-04-08T19:29:00Z",
    "severity": "MODERATE"
  },
  "details": "In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the function ReadMPCImage of coders/mpc.c, which allows attackers to cause a denial of service via a crafted image file.",
  "id": "GHSA-3w9p-mc8r-hc9p",
  "modified": "2022-05-13T01:21:57Z",
  "published": "2022-05-13T01:21:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11010"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00015.html"
    },
    {
      "type": "WEB",
      "url": "https://sourceforge.net/p/graphicsmagick/bugs/601"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4207-1"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2020/dsa-4640"
    },
    {
      "type": "WEB",
      "url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/a348d9661019"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3WWH-3W44-G9JF

Vulnerability from github – Published: 2022-05-24 17:08 – Updated: 2022-05-24 17:08
VLAI
Details

Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a stack exhaustion vulnerability. Successful exploitation could lead to memory leak .

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-3753"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400",
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-02-13T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a stack exhaustion vulnerability. Successful exploitation could lead to memory leak .",
  "id": "GHSA-3wwh-3w44-g9jf",
  "modified": "2022-05-24T17:08:58Z",
  "published": "2022-05-24T17:08:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3753"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/acrobat/apsb20-05.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-3WX9-F3X6-49F8

Vulnerability from github – Published: 2023-07-06 21:14 – Updated: 2024-04-04 05:39
VLAI
Details

When UDP profile with idle timeout set to immediate or the value 0 is configured on a virtual server, undisclosed traffic can cause TMM to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-29163"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-05-03T15:15:13Z",
    "severity": "HIGH"
  },
  "details": "\nWhen UDP profile with idle timeout set to immediate or the value 0 is configured on a virtual server, undisclosed traffic can cause TMM to terminate.\u00a0 Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",
  "id": "GHSA-3wx9-f3x6-49f8",
  "modified": "2024-04-04T05:39:16Z",
  "published": "2023-07-06T21:14:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29163"
    },
    {
      "type": "WEB",
      "url": "https://my.f5.com/manage/s/article/K20145107"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3X3M-4C79-CMV9

Vulnerability from github – Published: 2022-05-13 01:13 – Updated: 2022-05-13 01:13
VLAI
Details

Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over 2 Gb.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-5856"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-03-16T15:59:00Z",
    "severity": "MODERATE"
  },
  "details": "Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over 2 Gb.",
  "id": "GHSA-3x3m-4c79-cmv9",
  "modified": "2022-05-13T01:13:42Z",
  "published": "2022-05-13T01:13:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5856"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1418342"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201702-28"
    },
    {
      "type": "WEB",
      "url": "http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=765a707000e838c30b18d712fe6cb3dd8e0435f3"
    },
    {
      "type": "WEB",
      "url": "http://git.qemu-project.org/?p=qemu.git;a=commit;h=765a707000e838c30b18d712fe6cb3dd8e0435f3"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2017/02/01/19"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2017/02/02/14"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/95999"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3X73-WM98-JH2G

Vulnerability from github – Published: 2022-05-24 19:11 – Updated: 2022-05-24 19:11
VLAI
Details

Live555 through 1.08 has a memory leak in AC3AudioStreamParser for AC3 files.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-39282"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401",
      "CWE-772"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-18T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "Live555 through 1.08 has a memory leak in AC3AudioStreamParser for AC3 files.",
  "id": "GHSA-3x73-wm98-jh2g",
  "modified": "2022-05-24T19:11:30Z",
  "published": "2022-05-24T19:11:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39282"
    },
    {
      "type": "WEB",
      "url": "http://lists.live555.com/pipermail/live-devel/2021-August/021970.html"
    },
    {
      "type": "WEB",
      "url": "http://www.live555.com/liveMedia/public/changelog.txt#[2021.08.13]"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3X82-HXVX-2RV2

Vulnerability from github – Published: 2024-11-07 12:30 – Updated: 2024-11-13 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

net: bcmasp: fix potential memory leak in bcmasp_xmit()

The bcmasp_xmit() returns NETDEV_TX_OK without freeing skb in case of mapping fails, add dev_kfree_skb() to fix it.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-50170"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-07T10:15:08Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bcmasp: fix potential memory leak in bcmasp_xmit()\n\nThe bcmasp_xmit() returns NETDEV_TX_OK without freeing skb\nin case of mapping fails, add dev_kfree_skb() to fix it.",
  "id": "GHSA-3x82-hxvx-2rv2",
  "modified": "2024-11-13T18:31:53Z",
  "published": "2024-11-07T12:30:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50170"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7218de0778aefbbbcfe474a55f88bbf6f244627d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f689f20d3e09f2d4d0a2c575a9859115a33e68bd"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fed07d3eb8a8d9fcc0e455175a89bc6445d6faed"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3XRG-JVXH-2HPF

Vulnerability from github – Published: 2024-10-21 21:30 – Updated: 2024-10-25 18:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

Input: raydium_ts_i2c - fix memory leak in raydium_i2c_send()

There is a kmemleak when test the raydium_i2c_ts with bpf mock device:

unreferenced object 0xffff88812d3675a0 (size 8): comm "python3", pid 349, jiffies 4294741067 (age 95.695s) hex dump (first 8 bytes): 11 0e 10 c0 01 00 04 00 ........ backtrace: [<0000000068427125>] __kmalloc+0x46/0x1b0 [<0000000090180f91>] raydium_i2c_send+0xd4/0x2bf [raydium_i2c_ts] [<000000006e631aee>] raydium_i2c_initialize.cold+0xbc/0x3e4 [raydium_i2c_ts] [<00000000dc6fcf38>] raydium_i2c_probe+0x3cd/0x6bc [raydium_i2c_ts] [<00000000a310de16>] i2c_device_probe+0x651/0x680 [<00000000f5a96bf3>] really_probe+0x17c/0x3f0 [<00000000096ba499>] __driver_probe_device+0xe3/0x170 [<00000000c5acb4d9>] driver_probe_device+0x49/0x120 [<00000000264fe082>] __device_attach_driver+0xf7/0x150 [<00000000f919423c>] bus_for_each_drv+0x114/0x180 [<00000000e067feca>] __device_attach+0x1e5/0x2d0 [<0000000054301fc2>] bus_probe_device+0x126/0x140 [<00000000aad93b22>] device_add+0x810/0x1130 [<00000000c086a53f>] i2c_new_client_device+0x352/0x4e0 [<000000003c2c248c>] of_i2c_register_device+0xf1/0x110 [<00000000ffec4177>] of_i2c_notify+0x100/0x160 unreferenced object 0xffff88812d3675c8 (size 8): comm "python3", pid 349, jiffies 4294741070 (age 95.692s) hex dump (first 8 bytes): 22 00 36 2d 81 88 ff ff ".6-.... backtrace: [<0000000068427125>] __kmalloc+0x46/0x1b0 [<0000000090180f91>] raydium_i2c_send+0xd4/0x2bf [raydium_i2c_ts] [<000000001d5c9620>] raydium_i2c_initialize.cold+0x223/0x3e4 [raydium_i2c_ts] [<00000000dc6fcf38>] raydium_i2c_probe+0x3cd/0x6bc [raydium_i2c_ts] [<00000000a310de16>] i2c_device_probe+0x651/0x680 [<00000000f5a96bf3>] really_probe+0x17c/0x3f0 [<00000000096ba499>] __driver_probe_device+0xe3/0x170 [<00000000c5acb4d9>] driver_probe_device+0x49/0x120 [<00000000264fe082>] __device_attach_driver+0xf7/0x150 [<00000000f919423c>] bus_for_each_drv+0x114/0x180 [<00000000e067feca>] __device_attach+0x1e5/0x2d0 [<0000000054301fc2>] bus_probe_device+0x126/0x140 [<00000000aad93b22>] device_add+0x810/0x1130 [<00000000c086a53f>] i2c_new_client_device+0x352/0x4e0 [<000000003c2c248c>] of_i2c_register_device+0xf1/0x110 [<00000000ffec4177>] of_i2c_notify+0x100/0x160

After BANK_SWITCH command from i2c BUS, no matter success or error happened, the tx_buf should be freed.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-48995"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-21T20:15:11Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: raydium_ts_i2c - fix memory leak in raydium_i2c_send()\n\nThere is a kmemleak when test the raydium_i2c_ts with bpf mock device:\n\n  unreferenced object 0xffff88812d3675a0 (size 8):\n    comm \"python3\", pid 349, jiffies 4294741067 (age 95.695s)\n    hex dump (first 8 bytes):\n      11 0e 10 c0 01 00 04 00                          ........\n    backtrace:\n      [\u003c0000000068427125\u003e] __kmalloc+0x46/0x1b0\n      [\u003c0000000090180f91\u003e] raydium_i2c_send+0xd4/0x2bf [raydium_i2c_ts]\n      [\u003c000000006e631aee\u003e] raydium_i2c_initialize.cold+0xbc/0x3e4 [raydium_i2c_ts]\n      [\u003c00000000dc6fcf38\u003e] raydium_i2c_probe+0x3cd/0x6bc [raydium_i2c_ts]\n      [\u003c00000000a310de16\u003e] i2c_device_probe+0x651/0x680\n      [\u003c00000000f5a96bf3\u003e] really_probe+0x17c/0x3f0\n      [\u003c00000000096ba499\u003e] __driver_probe_device+0xe3/0x170\n      [\u003c00000000c5acb4d9\u003e] driver_probe_device+0x49/0x120\n      [\u003c00000000264fe082\u003e] __device_attach_driver+0xf7/0x150\n      [\u003c00000000f919423c\u003e] bus_for_each_drv+0x114/0x180\n      [\u003c00000000e067feca\u003e] __device_attach+0x1e5/0x2d0\n      [\u003c0000000054301fc2\u003e] bus_probe_device+0x126/0x140\n      [\u003c00000000aad93b22\u003e] device_add+0x810/0x1130\n      [\u003c00000000c086a53f\u003e] i2c_new_client_device+0x352/0x4e0\n      [\u003c000000003c2c248c\u003e] of_i2c_register_device+0xf1/0x110\n      [\u003c00000000ffec4177\u003e] of_i2c_notify+0x100/0x160\n  unreferenced object 0xffff88812d3675c8 (size 8):\n    comm \"python3\", pid 349, jiffies 4294741070 (age 95.692s)\n    hex dump (first 8 bytes):\n      22 00 36 2d 81 88 ff ff                          \".6-....\n    backtrace:\n      [\u003c0000000068427125\u003e] __kmalloc+0x46/0x1b0\n      [\u003c0000000090180f91\u003e] raydium_i2c_send+0xd4/0x2bf [raydium_i2c_ts]\n      [\u003c000000001d5c9620\u003e] raydium_i2c_initialize.cold+0x223/0x3e4 [raydium_i2c_ts]\n      [\u003c00000000dc6fcf38\u003e] raydium_i2c_probe+0x3cd/0x6bc [raydium_i2c_ts]\n      [\u003c00000000a310de16\u003e] i2c_device_probe+0x651/0x680\n      [\u003c00000000f5a96bf3\u003e] really_probe+0x17c/0x3f0\n      [\u003c00000000096ba499\u003e] __driver_probe_device+0xe3/0x170\n      [\u003c00000000c5acb4d9\u003e] driver_probe_device+0x49/0x120\n      [\u003c00000000264fe082\u003e] __device_attach_driver+0xf7/0x150\n      [\u003c00000000f919423c\u003e] bus_for_each_drv+0x114/0x180\n      [\u003c00000000e067feca\u003e] __device_attach+0x1e5/0x2d0\n      [\u003c0000000054301fc2\u003e] bus_probe_device+0x126/0x140\n      [\u003c00000000aad93b22\u003e] device_add+0x810/0x1130\n      [\u003c00000000c086a53f\u003e] i2c_new_client_device+0x352/0x4e0\n      [\u003c000000003c2c248c\u003e] of_i2c_register_device+0xf1/0x110\n      [\u003c00000000ffec4177\u003e] of_i2c_notify+0x100/0x160\n\nAfter BANK_SWITCH command from i2c BUS, no matter success or error\nhappened, the tx_buf should be freed.",
  "id": "GHSA-3xrg-jvxh-2hpf",
  "modified": "2024-10-25T18:30:48Z",
  "published": "2024-10-21T21:30:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48995"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/097c1c7a28e3da8f2811ba532be6e81faab15aab"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/53b9b1201e34ccc895971218559123625c56fbcd"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8c9a59939deb4bfafdc451100c03d1e848b4169b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a82869ac52f3d9db4b2cf8fd41edc2dee7a75a61"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-41
Implementation

Strategy: Libraries or Frameworks

  • Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
  • For example, glibc in Linux provides protection against free of invalid pointers.
  • When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
  • To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Architecture and Design

Use an abstraction library to abstract away risky APIs. Not a complete solution.

Mitigation
Architecture and Design Build and Compilation

Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.

No CAPEC attack patterns related to this CWE.