CWE-401
AllowedMissing Release of Memory after Effective Lifetime
Abstraction: Variant · Status: Draft
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
2002 vulnerabilities reference this CWE, most recent first.
GHSA-477J-VCP2-HH67
Vulnerability from github – Published: 2024-03-04 21:31 – Updated: 2025-02-14 15:31In the Linux kernel, the following vulnerability has been resolved:
ice: xsk: return xsk buffers back to pool when cleaning the ring
Currently we only NULL the xdp_buff pointer in the internal SW ring but we never give it back to the xsk buffer pool. This means that buffers can be leaked out of the buff pool and never be used again.
Add missing xsk_buff_free() call to the routine that is supposed to clean the entries that are left in the ring so that these buffers in the umem can be used by other sockets.
Also, only go through the space that is actually left to be cleaned instead of a whole ring.
{
"affected": [],
"aliases": [
"CVE-2021-47105"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-04T19:15:18Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: xsk: return xsk buffers back to pool when cleaning the ring\n\nCurrently we only NULL the xdp_buff pointer in the internal SW ring but\nwe never give it back to the xsk buffer pool. This means that buffers\ncan be leaked out of the buff pool and never be used again.\n\nAdd missing xsk_buff_free() call to the routine that is supposed to\nclean the entries that are left in the ring so that these buffers in the\numem can be used by other sockets.\n\nAlso, only go through the space that is actually left to be cleaned\ninstead of a whole ring.",
"id": "GHSA-477j-vcp2-hh67",
"modified": "2025-02-14T15:31:01Z",
"published": "2024-03-04T21:31:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47105"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ad6d20da2cfbe14b7b1200d15f39e65988b0b9e8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/afe8a3ba85ec2a6b6849367e25c06a2f8e0ddd05"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-47CG-X8X3-HFM3
Vulnerability from github – Published: 2024-05-20 12:30 – Updated: 2026-05-12 12:31In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: Fix memory leak in hci_req_sync_complete()
In 'hci_req_sync_complete()', always free the previous sync request state before assigning reference to a new one.
{
"affected": [],
"aliases": [
"CVE-2024-35978"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-20T10:15:12Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix memory leak in hci_req_sync_complete()\n\nIn \u0027hci_req_sync_complete()\u0027, always free the previous sync\nrequest state before assigning reference to a new one.",
"id": "GHSA-47cg-x8x3-hfm3",
"modified": "2026-05-12T12:31:51Z",
"published": "2024-05-20T12:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35978"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/45d355a926ab40f3ae7bc0b0a00cb0e3e8a5a810"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4beab84fbb50df3be1d8f8a976e6fe882ca65cb2"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/66fab1e120b39f8f47a94186ddee36006fc02ca8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/75193678cce993aa959e7764b6df2f599886dd06"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8478394f76c748862ef179a16f651f752bdafaf0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/89a32741f4217856066c198a4a7267bcdd1edd67"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9ab5e44b9bac946bd49fd63264a08cd1ea494e76"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e4cb8382fff6706436b66eafd9c0ee857ff0a9f5"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-47VR-832F-CRM9
Vulnerability from github – Published: 2022-05-24 17:46 – Updated: 2022-08-06 00:00An uncontrolled resource consumption (memory leak) flaw was found in the ZeroMQ client in versions before 4.3.3 in src/pipe.cpp. This issue causes a client that connects to multiple malicious or compromised servers to crash. The highest threat from this vulnerability is to system availability.
{
"affected": [],
"aliases": [
"CVE-2021-20234"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-04-01T14:15:00Z",
"severity": "MODERATE"
},
"details": "An uncontrolled resource consumption (memory leak) flaw was found in the ZeroMQ client in versions before 4.3.3 in src/pipe.cpp. This issue causes a client that connects to multiple malicious or compromised servers to crash. The highest threat from this vulnerability is to system availability.",
"id": "GHSA-47vr-832f-crm9",
"modified": "2022-08-06T00:00:40Z",
"published": "2022-05-24T17:46:03Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/zeromq/libzmq/security/advisories/GHSA-wfr2-29gj-5w87"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20234"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921972"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-482H-984G-M9QW
Vulnerability from github – Published: 2024-05-21 15:31 – Updated: 2024-12-23 18:30In the Linux kernel, the following vulnerability has been resolved:
bpf, sockmap: Fix potential memory leak on unlikely error case
If skb_linearize is needed and fails we could leak a msg on the error handling. To fix ensure we kfree the msg block before returning error. Found during code review.
{
"affected": [],
"aliases": [
"CVE-2021-47298"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-21T15:15:17Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Fix potential memory leak on unlikely error case\n\nIf skb_linearize is needed and fails we could leak a msg on the error\nhandling. To fix ensure we kfree the msg block before returning error.\nFound during code review.",
"id": "GHSA-482h-984g-m9qw",
"modified": "2024-12-23T18:30:47Z",
"published": "2024-05-21T15:31:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47298"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6c508a1c6c62793dc6e6872cad4b200097bab7c9"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/715f378f42909c401ec043f5150c4fdf57fb8889"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7e6b27a69167f97c56b5437871d29e9722c3e470"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-484G-RJCP-74RC
Vulnerability from github – Published: 2022-05-24 17:12 – Updated: 2022-05-24 17:12An exploitable denial-of-service vulnerability exists in the resource allocation handling of Videolabs libmicrodns 0.1.0. When encountering errors while parsing mDNS messages, some allocated data is not freed, possibly leading to a denial-of-service condition via resource exhaustion. An attacker can send one mDNS message repeatedly to trigger this vulnerability through decoding of the domain name performed by rr_decode.
{
"affected": [],
"aliases": [
"CVE-2020-6079"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-03-24T21:15:00Z",
"severity": "MODERATE"
},
"details": "An exploitable denial-of-service vulnerability exists in the resource allocation handling of Videolabs libmicrodns 0.1.0. When encountering errors while parsing mDNS messages, some allocated data is not freed, possibly leading to a denial-of-service condition via resource exhaustion. An attacker can send one mDNS message repeatedly to trigger this vulnerability through decoding of the domain name performed by rr_decode.",
"id": "GHSA-484g-rjcp-74rc",
"modified": "2022-05-24T17:12:34Z",
"published": "2022-05-24T17:12:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6079"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202005-10"
},
{
"type": "WEB",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1002"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2020/dsa-4671"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-48G3-P48M-MX96
Vulnerability from github – Published: 2025-02-10 18:30 – Updated: 2025-02-10 18:30A vulnerability was found in GNU Binutils 2.43. It has been rated as problematic. This issue affects the function xmemdup of the file xmemdup.c of the component ld. The manipulation leads to memory leak. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master."
{
"affected": [],
"aliases": [
"CVE-2025-1151"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-10T17:15:18Z",
"severity": "LOW"
},
"details": "A vulnerability was found in GNU Binutils 2.43. It has been rated as problematic. This issue affects the function xmemdup of the file xmemdup.c of the component ld. The manipulation leads to memory leak. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: \"I\u0027m not going to commit some of the leak fixes I\u0027ve been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master.\"",
"id": "GHSA-48g3-p48m-mx96",
"modified": "2025-02-10T18:30:47Z",
"published": "2025-02-10T18:30:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1151"
},
{
"type": "WEB",
"url": "https://sourceware.org/bugzilla/attachment.cgi?id=15887"
},
{
"type": "WEB",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32576"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.295055"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.295055"
},
{
"type": "WEB",
"url": "https://www.gnu.org"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-48WQ-5H48-MWQQ
Vulnerability from github – Published: 2026-05-01 15:30 – Updated: 2026-05-06 21:31In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix to avoid memory leak in f2fs_rename()
syzbot reported a f2fs bug as below:
BUG: memory leak unreferenced object 0xffff888127f70830 (size 16): comm "syz.0.23", pid 6144, jiffies 4294943712 hex dump (first 16 bytes): 3c af 57 72 5b e6 8f ad 6e 8e fd 33 42 39 03 ff <.Wr[...n..3B9.. backtrace (crc 925f8a80): kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline] slab_post_alloc_hook mm/slub.c:4520 [inline] slab_alloc_node mm/slub.c:4844 [inline] __do_kmalloc_node mm/slub.c:5237 [inline] __kmalloc_noprof+0x3bd/0x560 mm/slub.c:5250 kmalloc_noprof include/linux/slab.h:954 [inline] fscrypt_setup_filename+0x15e/0x3b0 fs/crypto/fname.c:364 f2fs_setup_filename+0x52/0xb0 fs/f2fs/dir.c:143 f2fs_rename+0x159/0xca0 fs/f2fs/namei.c:961 f2fs_rename2+0xd5/0xf20 fs/f2fs/namei.c:1308 vfs_rename+0x7ff/0x1250 fs/namei.c:6026 filename_renameat2+0x4f4/0x660 fs/namei.c:6144 __do_sys_renameat2 fs/namei.c:6173 [inline] __se_sys_renameat2 fs/namei.c:6168 [inline] __x64_sys_renameat2+0x59/0x80 fs/namei.c:6168 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xe2/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f
The root cause is in commit 40b2d55e0452 ("f2fs: fix to create selinux label during whiteout initialization"), we added a call to f2fs_setup_filename() without a matching call to f2fs_free_filename(), fix it.
{
"affected": [],
"aliases": [
"CVE-2026-31714"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-01T14:16:21Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to avoid memory leak in f2fs_rename()\n\nsyzbot reported a f2fs bug as below:\n\nBUG: memory leak\nunreferenced object 0xffff888127f70830 (size 16):\n comm \"syz.0.23\", pid 6144, jiffies 4294943712\n hex dump (first 16 bytes):\n 3c af 57 72 5b e6 8f ad 6e 8e fd 33 42 39 03 ff \u003c.Wr[...n..3B9..\n backtrace (crc 925f8a80):\n kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]\n slab_post_alloc_hook mm/slub.c:4520 [inline]\n slab_alloc_node mm/slub.c:4844 [inline]\n __do_kmalloc_node mm/slub.c:5237 [inline]\n __kmalloc_noprof+0x3bd/0x560 mm/slub.c:5250\n kmalloc_noprof include/linux/slab.h:954 [inline]\n fscrypt_setup_filename+0x15e/0x3b0 fs/crypto/fname.c:364\n f2fs_setup_filename+0x52/0xb0 fs/f2fs/dir.c:143\n f2fs_rename+0x159/0xca0 fs/f2fs/namei.c:961\n f2fs_rename2+0xd5/0xf20 fs/f2fs/namei.c:1308\n vfs_rename+0x7ff/0x1250 fs/namei.c:6026\n filename_renameat2+0x4f4/0x660 fs/namei.c:6144\n __do_sys_renameat2 fs/namei.c:6173 [inline]\n __se_sys_renameat2 fs/namei.c:6168 [inline]\n __x64_sys_renameat2+0x59/0x80 fs/namei.c:6168\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xe2/0xf80 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThe root cause is in commit 40b2d55e0452 (\"f2fs: fix to create selinux\nlabel during whiteout initialization\"), we added a call to\nf2fs_setup_filename() without a matching call to f2fs_free_filename(),\nfix it.",
"id": "GHSA-48wq-5h48-mwqq",
"modified": "2026-05-06T21:31:32Z",
"published": "2026-05-01T15:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31714"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/047c0aef6af37a2a35181aa085c616ad286386f1"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/369eb2016d8e2f01931b3bad1cb9cefa83f44003"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3cf11e6f36c170050c12171dd6fd3142711478fc"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a76c1cad4e80a9802ef8048662255417e3ce5b79"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c78206dcb912ab60b8ee3cbe8c48d749a9a12e1e"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-48XX-8RQ2-FFH3
Vulnerability from github – Published: 2022-05-13 01:13 – Updated: 2025-04-20 03:39Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the AHCI device.
{
"affected": [],
"aliases": [
"CVE-2017-9373"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-06-16T22:29:00Z",
"severity": "MODERATE"
},
"details": "Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the AHCI device.",
"id": "GHSA-48xx-8rq2-ffh3",
"modified": "2025-04-20T03:39:19Z",
"published": "2022-05-13T01:13:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9373"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2392"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2408"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458270"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
},
{
"type": "WEB",
"url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=d68f0f778e7f4fbd674627274267f269e40f0b04"
},
{
"type": "WEB",
"url": "http://git.qemu.org/?p=qemu.git;a=commit;h=d68f0f778e7f4fbd674627274267f269e40f0b04"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2017/dsa-3920"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2017/06/05/1"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/98921"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-495C-G5J5-WG9W
Vulnerability from github – Published: 2024-10-21 21:30 – Updated: 2024-10-24 21:31In the Linux kernel, the following vulnerability has been resolved:
net/9p: Fix a potential socket leak in p9_socket_open
Both p9_fd_create_tcp() and p9_fd_create_unix() will call p9_socket_open(). If the creation of p9_trans_fd fails, p9_fd_create_tcp() and p9_fd_create_unix() will return an error directly instead of releasing the cscoket, which will result in a socket leak.
This patch adds sock_release() to fix the leak issue.
{
"affected": [],
"aliases": [
"CVE-2022-49020"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-21T20:15:13Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/9p: Fix a potential socket leak in p9_socket_open\n\nBoth p9_fd_create_tcp() and p9_fd_create_unix() will call\np9_socket_open(). If the creation of p9_trans_fd fails,\np9_fd_create_tcp() and p9_fd_create_unix() will return an\nerror directly instead of releasing the cscoket, which will\nresult in a socket leak.\n\nThis patch adds sock_release() to fix the leak issue.",
"id": "GHSA-495c-g5j5-wg9w",
"modified": "2024-10-24T21:31:02Z",
"published": "2024-10-21T21:30:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49020"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0396227f4daf4792a6a8aaa3b7771dc25c4cd443"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2d24d91b9f44620824fc37b766f7cae00ca32748"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8782b32ef867de7981bbe9e86ecb90e92e8780bd"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8b14bd0b500aec1458b51cb621c8e5fab3304260"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/aa08323fe18cb7cf95317ffa2d54ca1de8e74ebd"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/dcc14cfd7debe11b825cb077e75d91d2575b4cb8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ded893965b895b2dccd3d1436d8d3daffa23ea64"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e01c1542379fb395e7da53706df598f38905dfbf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-4997-QRQV-F5M7
Vulnerability from github – Published: 2025-03-27 18:31 – Updated: 2025-04-15 21:31In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: hci_conn: Fix memory leaks
When hci_cmd_sync_queue() failed in hci_le_terminate_big() or hci_le_big_terminate(), the memory pointed by variable d is not freed, which will cause memory leak. Add release process to error path.
{
"affected": [],
"aliases": [
"CVE-2023-53018"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-27T17:15:51Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_conn: Fix memory leaks\n\nWhen hci_cmd_sync_queue() failed in hci_le_terminate_big() or\nhci_le_big_terminate(), the memory pointed by variable d is not freed,\nwhich will cause memory leak. Add release process to error path.",
"id": "GHSA-4997-qrqv-f5m7",
"modified": "2025-04-15T21:31:30Z",
"published": "2025-03-27T18:31:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53018"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3aa21311f36d8a2730c7ccef37235e951f23927b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f51a825b9f730a782aa768454906b4468e67b667"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-41
Strategy: Libraries or Frameworks
- Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
- For example, glibc in Linux provides protection against free of invalid pointers.
- When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
- To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Use an abstraction library to abstract away risky APIs. Not a complete solution.
Mitigation
Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.
No CAPEC attack patterns related to this CWE.