CWE-401
AllowedMissing Release of Memory after Effective Lifetime
Abstraction: Variant · Status: Draft
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
2002 vulnerabilities reference this CWE, most recent first.
GHSA-3W59-VX6F-4274
Vulnerability from github – Published: 2024-05-21 15:31 – Updated: 2025-04-29 21:31In the Linux kernel, the following vulnerability has been resolved:
net: cdc_eem: fix tx fixup skb leak
when usbnet transmit a skb, eem fixup it in eem_tx_fixup(), if skb_copy_expand() failed, it return NULL, usbnet_start_xmit() will have no chance to free original skb.
fix it by free orginal skb in eem_tx_fixup() first, then check skb clone status, if failed, return NULL to usbnet.
{
"affected": [],
"aliases": [
"CVE-2021-47236"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-21T15:15:12Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: cdc_eem: fix tx fixup skb leak\n\nwhen usbnet transmit a skb, eem fixup it in eem_tx_fixup(),\nif skb_copy_expand() failed, it return NULL,\nusbnet_start_xmit() will have no chance to free original skb.\n\nfix it by free orginal skb in eem_tx_fixup() first,\nthen check skb clone status, if failed, return NULL to usbnet.",
"id": "GHSA-3w59-vx6f-4274",
"modified": "2025-04-29T21:31:35Z",
"published": "2024-05-21T15:31:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47236"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/05b2b9f7d24b5663d9b47427fe1555bdafd3ea02"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/14184ec5c958b589ba934da7363a2877879204df"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1bcacd6088d61c0ac6a990d87975600a81f3247e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/81de2ed06df8b5451e050fe6a318af3263dbff3f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b4f7a9fc9d094c0c4a66f2ad7c37b1dbe9e78f88"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c3b26fdf1b32f91c7a3bc743384b4a298ab53ad7"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f12554b0ff639e74612cc01b3b4a049e098d2d65"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f4e6a7f19c82f39b1803e91c54718f0d7143767d"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3W79-77CJ-G7X9
Vulnerability from github – Published: 2026-07-15 12:32 – Updated: 2026-07-15 12:32ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in the hough lines operation: when a specific operation fails, a small memory leak occurs.
{
"affected": [],
"aliases": [
"CVE-2026-61865"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-15T12:18:21Z",
"severity": "LOW"
},
"details": "ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in the hough lines operation: when a specific operation fails, a small memory leak occurs.",
"id": "GHSA-3w79-77cj-g7x9",
"modified": "2026-07-15T12:32:05Z",
"published": "2026-07-15T12:32:05Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j8rh-v2r8-v94x"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-61865"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/imagemagick-before-26-memory-leak-in-hough-lines"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-3W87-FGR4-8M86
Vulnerability from github – Published: 2022-05-24 19:03 – Updated: 2022-05-24 19:03Denial of Service issue in FFmpeg 4.2 due to resource management errors via fftools/cmdutils.c.
{
"affected": [],
"aliases": [
"CVE-2020-20451"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-05-25T19:15:00Z",
"severity": "HIGH"
},
"details": "Denial of Service issue in FFmpeg 4.2 due to resource management errors via fftools/cmdutils.c.",
"id": "GHSA-3w87-fgr4-8m86",
"modified": "2022-05-24T19:03:10Z",
"published": "2022-05-24T19:03:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-20451"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html"
},
{
"type": "WEB",
"url": "https://trac.ffmpeg.org/ticket/8094"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-3W9P-MC8R-HC9P
Vulnerability from github – Published: 2022-05-13 01:21 – Updated: 2022-05-13 01:21In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the function ReadMPCImage of coders/mpc.c, which allows attackers to cause a denial of service via a crafted image file.
{
"affected": [],
"aliases": [
"CVE-2019-11010"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-04-08T19:29:00Z",
"severity": "MODERATE"
},
"details": "In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the function ReadMPCImage of coders/mpc.c, which allows attackers to cause a denial of service via a crafted image file.",
"id": "GHSA-3w9p-mc8r-hc9p",
"modified": "2022-05-13T01:21:57Z",
"published": "2022-05-13T01:21:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11010"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00015.html"
},
{
"type": "WEB",
"url": "https://sourceforge.net/p/graphicsmagick/bugs/601"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4207-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2020/dsa-4640"
},
{
"type": "WEB",
"url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/a348d9661019"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3WWH-3W44-G9JF
Vulnerability from github – Published: 2022-05-24 17:08 – Updated: 2022-05-24 17:08Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a stack exhaustion vulnerability. Successful exploitation could lead to memory leak .
{
"affected": [],
"aliases": [
"CVE-2020-3753"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-02-13T16:15:00Z",
"severity": "MODERATE"
},
"details": "Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a stack exhaustion vulnerability. Successful exploitation could lead to memory leak .",
"id": "GHSA-3wwh-3w44-g9jf",
"modified": "2022-05-24T17:08:58Z",
"published": "2022-05-24T17:08:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3753"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-05.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-3WX9-F3X6-49F8
Vulnerability from github – Published: 2023-07-06 21:14 – Updated: 2024-04-04 05:39When UDP profile with idle timeout set to immediate or the value 0 is configured on a virtual server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
{
"affected": [],
"aliases": [
"CVE-2023-29163"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-03T15:15:13Z",
"severity": "HIGH"
},
"details": "\nWhen UDP profile with idle timeout set to immediate or the value 0 is configured on a virtual server, undisclosed traffic can cause TMM to terminate.\u00a0 Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",
"id": "GHSA-3wx9-f3x6-49f8",
"modified": "2024-04-04T05:39:16Z",
"published": "2023-07-06T21:14:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29163"
},
{
"type": "WEB",
"url": "https://my.f5.com/manage/s/article/K20145107"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3X3M-4C79-CMV9
Vulnerability from github – Published: 2022-05-13 01:13 – Updated: 2022-05-13 01:13Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over 2 Gb.
{
"affected": [],
"aliases": [
"CVE-2017-5856"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-03-16T15:59:00Z",
"severity": "MODERATE"
},
"details": "Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over 2 Gb.",
"id": "GHSA-3x3m-4c79-cmv9",
"modified": "2022-05-13T01:13:42Z",
"published": "2022-05-13T01:13:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5856"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1418342"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201702-28"
},
{
"type": "WEB",
"url": "http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=765a707000e838c30b18d712fe6cb3dd8e0435f3"
},
{
"type": "WEB",
"url": "http://git.qemu-project.org/?p=qemu.git;a=commit;h=765a707000e838c30b18d712fe6cb3dd8e0435f3"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2017/02/01/19"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2017/02/02/14"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/95999"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3X73-WM98-JH2G
Vulnerability from github – Published: 2022-05-24 19:11 – Updated: 2022-05-24 19:11Live555 through 1.08 has a memory leak in AC3AudioStreamParser for AC3 files.
{
"affected": [],
"aliases": [
"CVE-2021-39282"
],
"database_specific": {
"cwe_ids": [
"CWE-401",
"CWE-772"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-18T17:15:00Z",
"severity": "HIGH"
},
"details": "Live555 through 1.08 has a memory leak in AC3AudioStreamParser for AC3 files.",
"id": "GHSA-3x73-wm98-jh2g",
"modified": "2022-05-24T19:11:30Z",
"published": "2022-05-24T19:11:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39282"
},
{
"type": "WEB",
"url": "http://lists.live555.com/pipermail/live-devel/2021-August/021970.html"
},
{
"type": "WEB",
"url": "http://www.live555.com/liveMedia/public/changelog.txt#[2021.08.13]"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3X82-HXVX-2RV2
Vulnerability from github – Published: 2024-11-07 12:30 – Updated: 2024-11-13 18:31In the Linux kernel, the following vulnerability has been resolved:
net: bcmasp: fix potential memory leak in bcmasp_xmit()
The bcmasp_xmit() returns NETDEV_TX_OK without freeing skb in case of mapping fails, add dev_kfree_skb() to fix it.
{
"affected": [],
"aliases": [
"CVE-2024-50170"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-07T10:15:08Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bcmasp: fix potential memory leak in bcmasp_xmit()\n\nThe bcmasp_xmit() returns NETDEV_TX_OK without freeing skb\nin case of mapping fails, add dev_kfree_skb() to fix it.",
"id": "GHSA-3x82-hxvx-2rv2",
"modified": "2024-11-13T18:31:53Z",
"published": "2024-11-07T12:30:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50170"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7218de0778aefbbbcfe474a55f88bbf6f244627d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f689f20d3e09f2d4d0a2c575a9859115a33e68bd"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/fed07d3eb8a8d9fcc0e455175a89bc6445d6faed"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3XRG-JVXH-2HPF
Vulnerability from github – Published: 2024-10-21 21:30 – Updated: 2024-10-25 18:30In the Linux kernel, the following vulnerability has been resolved:
Input: raydium_ts_i2c - fix memory leak in raydium_i2c_send()
There is a kmemleak when test the raydium_i2c_ts with bpf mock device:
unreferenced object 0xffff88812d3675a0 (size 8): comm "python3", pid 349, jiffies 4294741067 (age 95.695s) hex dump (first 8 bytes): 11 0e 10 c0 01 00 04 00 ........ backtrace: [<0000000068427125>] __kmalloc+0x46/0x1b0 [<0000000090180f91>] raydium_i2c_send+0xd4/0x2bf [raydium_i2c_ts] [<000000006e631aee>] raydium_i2c_initialize.cold+0xbc/0x3e4 [raydium_i2c_ts] [<00000000dc6fcf38>] raydium_i2c_probe+0x3cd/0x6bc [raydium_i2c_ts] [<00000000a310de16>] i2c_device_probe+0x651/0x680 [<00000000f5a96bf3>] really_probe+0x17c/0x3f0 [<00000000096ba499>] __driver_probe_device+0xe3/0x170 [<00000000c5acb4d9>] driver_probe_device+0x49/0x120 [<00000000264fe082>] __device_attach_driver+0xf7/0x150 [<00000000f919423c>] bus_for_each_drv+0x114/0x180 [<00000000e067feca>] __device_attach+0x1e5/0x2d0 [<0000000054301fc2>] bus_probe_device+0x126/0x140 [<00000000aad93b22>] device_add+0x810/0x1130 [<00000000c086a53f>] i2c_new_client_device+0x352/0x4e0 [<000000003c2c248c>] of_i2c_register_device+0xf1/0x110 [<00000000ffec4177>] of_i2c_notify+0x100/0x160 unreferenced object 0xffff88812d3675c8 (size 8): comm "python3", pid 349, jiffies 4294741070 (age 95.692s) hex dump (first 8 bytes): 22 00 36 2d 81 88 ff ff ".6-.... backtrace: [<0000000068427125>] __kmalloc+0x46/0x1b0 [<0000000090180f91>] raydium_i2c_send+0xd4/0x2bf [raydium_i2c_ts] [<000000001d5c9620>] raydium_i2c_initialize.cold+0x223/0x3e4 [raydium_i2c_ts] [<00000000dc6fcf38>] raydium_i2c_probe+0x3cd/0x6bc [raydium_i2c_ts] [<00000000a310de16>] i2c_device_probe+0x651/0x680 [<00000000f5a96bf3>] really_probe+0x17c/0x3f0 [<00000000096ba499>] __driver_probe_device+0xe3/0x170 [<00000000c5acb4d9>] driver_probe_device+0x49/0x120 [<00000000264fe082>] __device_attach_driver+0xf7/0x150 [<00000000f919423c>] bus_for_each_drv+0x114/0x180 [<00000000e067feca>] __device_attach+0x1e5/0x2d0 [<0000000054301fc2>] bus_probe_device+0x126/0x140 [<00000000aad93b22>] device_add+0x810/0x1130 [<00000000c086a53f>] i2c_new_client_device+0x352/0x4e0 [<000000003c2c248c>] of_i2c_register_device+0xf1/0x110 [<00000000ffec4177>] of_i2c_notify+0x100/0x160
After BANK_SWITCH command from i2c BUS, no matter success or error happened, the tx_buf should be freed.
{
"affected": [],
"aliases": [
"CVE-2022-48995"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-21T20:15:11Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: raydium_ts_i2c - fix memory leak in raydium_i2c_send()\n\nThere is a kmemleak when test the raydium_i2c_ts with bpf mock device:\n\n unreferenced object 0xffff88812d3675a0 (size 8):\n comm \"python3\", pid 349, jiffies 4294741067 (age 95.695s)\n hex dump (first 8 bytes):\n 11 0e 10 c0 01 00 04 00 ........\n backtrace:\n [\u003c0000000068427125\u003e] __kmalloc+0x46/0x1b0\n [\u003c0000000090180f91\u003e] raydium_i2c_send+0xd4/0x2bf [raydium_i2c_ts]\n [\u003c000000006e631aee\u003e] raydium_i2c_initialize.cold+0xbc/0x3e4 [raydium_i2c_ts]\n [\u003c00000000dc6fcf38\u003e] raydium_i2c_probe+0x3cd/0x6bc [raydium_i2c_ts]\n [\u003c00000000a310de16\u003e] i2c_device_probe+0x651/0x680\n [\u003c00000000f5a96bf3\u003e] really_probe+0x17c/0x3f0\n [\u003c00000000096ba499\u003e] __driver_probe_device+0xe3/0x170\n [\u003c00000000c5acb4d9\u003e] driver_probe_device+0x49/0x120\n [\u003c00000000264fe082\u003e] __device_attach_driver+0xf7/0x150\n [\u003c00000000f919423c\u003e] bus_for_each_drv+0x114/0x180\n [\u003c00000000e067feca\u003e] __device_attach+0x1e5/0x2d0\n [\u003c0000000054301fc2\u003e] bus_probe_device+0x126/0x140\n [\u003c00000000aad93b22\u003e] device_add+0x810/0x1130\n [\u003c00000000c086a53f\u003e] i2c_new_client_device+0x352/0x4e0\n [\u003c000000003c2c248c\u003e] of_i2c_register_device+0xf1/0x110\n [\u003c00000000ffec4177\u003e] of_i2c_notify+0x100/0x160\n unreferenced object 0xffff88812d3675c8 (size 8):\n comm \"python3\", pid 349, jiffies 4294741070 (age 95.692s)\n hex dump (first 8 bytes):\n 22 00 36 2d 81 88 ff ff \".6-....\n backtrace:\n [\u003c0000000068427125\u003e] __kmalloc+0x46/0x1b0\n [\u003c0000000090180f91\u003e] raydium_i2c_send+0xd4/0x2bf [raydium_i2c_ts]\n [\u003c000000001d5c9620\u003e] raydium_i2c_initialize.cold+0x223/0x3e4 [raydium_i2c_ts]\n [\u003c00000000dc6fcf38\u003e] raydium_i2c_probe+0x3cd/0x6bc [raydium_i2c_ts]\n [\u003c00000000a310de16\u003e] i2c_device_probe+0x651/0x680\n [\u003c00000000f5a96bf3\u003e] really_probe+0x17c/0x3f0\n [\u003c00000000096ba499\u003e] __driver_probe_device+0xe3/0x170\n [\u003c00000000c5acb4d9\u003e] driver_probe_device+0x49/0x120\n [\u003c00000000264fe082\u003e] __device_attach_driver+0xf7/0x150\n [\u003c00000000f919423c\u003e] bus_for_each_drv+0x114/0x180\n [\u003c00000000e067feca\u003e] __device_attach+0x1e5/0x2d0\n [\u003c0000000054301fc2\u003e] bus_probe_device+0x126/0x140\n [\u003c00000000aad93b22\u003e] device_add+0x810/0x1130\n [\u003c00000000c086a53f\u003e] i2c_new_client_device+0x352/0x4e0\n [\u003c000000003c2c248c\u003e] of_i2c_register_device+0xf1/0x110\n [\u003c00000000ffec4177\u003e] of_i2c_notify+0x100/0x160\n\nAfter BANK_SWITCH command from i2c BUS, no matter success or error\nhappened, the tx_buf should be freed.",
"id": "GHSA-3xrg-jvxh-2hpf",
"modified": "2024-10-25T18:30:48Z",
"published": "2024-10-21T21:30:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48995"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/097c1c7a28e3da8f2811ba532be6e81faab15aab"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/53b9b1201e34ccc895971218559123625c56fbcd"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8c9a59939deb4bfafdc451100c03d1e848b4169b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a82869ac52f3d9db4b2cf8fd41edc2dee7a75a61"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-41
Strategy: Libraries or Frameworks
- Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
- For example, glibc in Linux provides protection against free of invalid pointers.
- When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
- To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Use an abstraction library to abstract away risky APIs. Not a complete solution.
Mitigation
Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.
No CAPEC attack patterns related to this CWE.