CWE-401
AllowedMissing Release of Memory after Effective Lifetime
Abstraction: Variant · Status: Draft
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
2002 vulnerabilities reference this CWE, most recent first.
GHSA-CJGX-RM4J-VW44
Vulnerability from github – Published: 2022-05-24 17:31 – Updated: 2023-08-16 18:30A vulnerability in the IP fragment-handling implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. This memory leak could prevent traffic from being processed through the device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper error handling when specific failures occur during IP fragment reassembly. An attacker could exploit this vulnerability by sending crafted, fragmented IP traffic to a targeted device. A successful exploit could allow the attacker to continuously consume memory on the affected device and eventually impact traffic, resulting in a DoS condition. The device could require a manual reboot to recover from the DoS condition. Note: This vulnerability applies to both IP Version 4 (IPv4) and IP Version 6 (IPv6) traffic.
{
"affected": [],
"aliases": [
"CVE-2020-3373"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-10-21T19:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability in the IP fragment-handling implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. This memory leak could prevent traffic from being processed through the device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper error handling when specific failures occur during IP fragment reassembly. An attacker could exploit this vulnerability by sending crafted, fragmented IP traffic to a targeted device. A successful exploit could allow the attacker to continuously consume memory on the affected device and eventually impact traffic, resulting in a DoS condition. The device could require a manual reboot to recover from the DoS condition. Note: This vulnerability applies to both IP Version 4 (IPv4) and IP Version 6 (IPv6) traffic.",
"id": "GHSA-cjgx-rm4j-vw44",
"modified": "2023-08-16T18:30:19Z",
"published": "2022-05-24T17:31:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3373"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-frag-memleak-mCtqdP9n"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CJV4-23G7-C427
Vulnerability from github – Published: 2026-05-06 12:30 – Updated: 2026-05-13 21:31In the Linux kernel, the following vulnerability has been resolved:
mux: mmio: fix regmap leak on probe failure
The mmio regmap that may be allocated during probe is never freed.
Switch to using the device managed allocator so that the regmap is released on probe failures (e.g. probe deferral) and on driver unbind.
{
"affected": [],
"aliases": [
"CVE-2026-43155"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-06T12:16:33Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmux: mmio: fix regmap leak on probe failure\n\nThe mmio regmap that may be allocated during probe is never freed.\n\nSwitch to using the device managed allocator so that the regmap is\nreleased on probe failures (e.g. probe deferral) and on driver unbind.",
"id": "GHSA-cjv4-23g7-c427",
"modified": "2026-05-13T21:31:58Z",
"published": "2026-05-06T12:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43155"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3c4ae63073d84abee5d81ce46d86a94e9dae9c89"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/76096f156fe9dc9fbd6e4618088706e91b9b0a6c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cbde3c109d52564ae2c12e514c33c44345e84b2c"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CM47-3P73-QQC3
Vulnerability from github – Published: 2025-09-16 15:32 – Updated: 2025-12-02 21:31In the Linux kernel, the following vulnerability has been resolved:
arm64: acpi: Fix possible memory leak of ffh_ctxt
Allocated 'ffh_ctxt' memory leak is possible if the SMCCC version and conduit checks fail and -EOPNOTSUPP is returned without freeing the allocated memory.
Fix the same by moving the allocation after the SMCCC version and conduit checks.
{
"affected": [],
"aliases": [
"CVE-2023-53266"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-16T08:15:35Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: acpi: Fix possible memory leak of ffh_ctxt\n\nAllocated \u0027ffh_ctxt\u0027 memory leak is possible if the SMCCC version\nand conduit checks fail and -EOPNOTSUPP is returned without freeing the\nallocated memory.\n\nFix the same by moving the allocation after the SMCCC version and\nconduit checks.",
"id": "GHSA-cm47-3p73-qqc3",
"modified": "2025-12-02T21:31:26Z",
"published": "2025-09-16T15:32:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53266"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1b561d3949f8478c5403c9752b5533211a757226"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7521da2eb42d65f89f511b7912d3757cf3d9168a"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CM7X-4MVP-C2JF
Vulnerability from github – Published: 2024-12-27 15:31 – Updated: 2025-01-06 18:31In the Linux kernel, the following vulnerability has been resolved:
iommu/vt-d: Remove cache tags before disabling ATS
The current implementation removes cache tags after disabling ATS, leading to potential memory leaks and kernel crashes. Specifically, CACHE_TAG_DEVTLB type cache tags may still remain in the list even after the domain is freed, causing a use-after-free condition.
This issue really shows up when multiple VFs from different PFs passed through to a single user-space process via vfio-pci. In such cases, the kernel may crash with kernel messages like:
BUG: kernel NULL pointer dereference, address: 0000000000000014 PGD 19036a067 P4D 1940a3067 PUD 136c9b067 PMD 0 Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 74 UID: 0 PID: 3183 Comm: testCli Not tainted 6.11.9 #2 RIP: 0010:cache_tag_flush_range+0x9b/0x250 Call Trace: ? __die+0x1f/0x60 ? page_fault_oops+0x163/0x590 ? exc_page_fault+0x72/0x190 ? asm_exc_page_fault+0x22/0x30 ? cache_tag_flush_range+0x9b/0x250 ? cache_tag_flush_range+0x5d/0x250 intel_iommu_tlb_sync+0x29/0x40 intel_iommu_unmap_pages+0xfe/0x160 __iommu_unmap+0xd8/0x1a0 vfio_unmap_unpin+0x182/0x340 [vfio_iommu_type1] vfio_remove_dma+0x2a/0xb0 [vfio_iommu_type1] vfio_iommu_type1_ioctl+0xafa/0x18e0 [vfio_iommu_type1]
Move cache_tag_unassign_domain() before iommu_disable_pci_caps() to fix it.
{
"affected": [],
"aliases": [
"CVE-2024-56669"
],
"database_specific": {
"cwe_ids": [
"CWE-401",
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-27T15:15:26Z",
"severity": "HIGH"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Remove cache tags before disabling ATS\n\nThe current implementation removes cache tags after disabling ATS,\nleading to potential memory leaks and kernel crashes. Specifically,\nCACHE_TAG_DEVTLB type cache tags may still remain in the list even\nafter the domain is freed, causing a use-after-free condition.\n\nThis issue really shows up when multiple VFs from different PFs\npassed through to a single user-space process via vfio-pci. In such\ncases, the kernel may crash with kernel messages like:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000014\n PGD 19036a067 P4D 1940a3067 PUD 136c9b067 PMD 0\n Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 74 UID: 0 PID: 3183 Comm: testCli Not tainted 6.11.9 #2\n RIP: 0010:cache_tag_flush_range+0x9b/0x250\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x1f/0x60\n ? page_fault_oops+0x163/0x590\n ? exc_page_fault+0x72/0x190\n ? asm_exc_page_fault+0x22/0x30\n ? cache_tag_flush_range+0x9b/0x250\n ? cache_tag_flush_range+0x5d/0x250\n intel_iommu_tlb_sync+0x29/0x40\n intel_iommu_unmap_pages+0xfe/0x160\n __iommu_unmap+0xd8/0x1a0\n vfio_unmap_unpin+0x182/0x340 [vfio_iommu_type1]\n vfio_remove_dma+0x2a/0xb0 [vfio_iommu_type1]\n vfio_iommu_type1_ioctl+0xafa/0x18e0 [vfio_iommu_type1]\n\nMove cache_tag_unassign_domain() before iommu_disable_pci_caps() to fix\nit.",
"id": "GHSA-cm7x-4mvp-c2jf",
"modified": "2025-01-06T18:31:01Z",
"published": "2024-12-27T15:31:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56669"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1f2557e08a617a4b5e92a48a1a9a6f86621def18"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9a0a72d3ed919ebe6491f527630998be053151d8"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CM93-2632-9M2Q
Vulnerability from github – Published: 2025-09-18 15:30 – Updated: 2025-12-12 21:31In the Linux kernel, the following vulnerability has been resolved:
kernel/printk/index.c: fix memory leak with using debugfs_lookup()
When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfs_lookup_and_remove() instead which handles all of the logic at once.
{
"affected": [],
"aliases": [
"CVE-2023-53402"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-18T14:15:43Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nkernel/printk/index.c: fix memory leak with using debugfs_lookup()\n\nWhen calling debugfs_lookup() the result must have dput() called on it,\notherwise the memory will leak over time. To make things simpler, just\ncall debugfs_lookup_and_remove() instead which handles all of the logic\nat once.",
"id": "GHSA-cm93-2632-9m2q",
"modified": "2025-12-12T21:31:31Z",
"published": "2025-09-18T15:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53402"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/13969236b6900b5a3625ad2193569588e978f1cc"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2e07fa2e30d48d24a791483774a3d4b76769e0cf"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/55bf243c514553e907efcf2bda92ba090eca8c64"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c578a68ffcdc2e8c72556bebdaae2b7500398e81"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CMCG-2F4M-GJQ8
Vulnerability from github – Published: 2024-02-28 09:30 – Updated: 2024-11-14 00:31In the Linux kernel, the following vulnerability has been resolved:
mt76: mt7921: fix memory leak in mt7921_coredump_work
Fix possible memory leak in mt7921_coredump_work.
{
"affected": [],
"aliases": [
"CVE-2021-47031"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-28T09:15:39Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmt76: mt7921: fix memory leak in mt7921_coredump_work\n\nFix possible memory leak in mt7921_coredump_work.",
"id": "GHSA-cmcg-2f4m-gjq8",
"modified": "2024-11-14T00:31:10Z",
"published": "2024-02-28T09:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47031"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4811226374453607175ea057777faa7e7f752204"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/782b3e86ea970e899f8e723db9f64708a15ca30e"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-CMPJ-RG49-J7HV
Vulnerability from github – Published: 2026-04-24 15:32 – Updated: 2026-04-27 21:30In the Linux kernel, the following vulnerability has been resolved:
rxrpc: Fix key parsing memleak
In rxrpc_preparse_xdr_yfs_rxgk(), the memory attached to token->rxgk can be leaked in a few error paths after it's allocated.
Fix this by freeing it in the "reject_token:" case.
{
"affected": [],
"aliases": [
"CVE-2026-31643"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-24T15:16:43Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix key parsing memleak\n\nIn rxrpc_preparse_xdr_yfs_rxgk(), the memory attached to token-\u003erxgk can be\nleaked in a few error paths after it\u0027s allocated.\n\nFix this by freeing it in the \"reject_token:\" case.",
"id": "GHSA-cmpj-rg49-j7hv",
"modified": "2026-04-27T21:30:49Z",
"published": "2026-04-24T15:32:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31643"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/01f51318feb626deee1d0c8a190198cd7857d599"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b555912b9b21075e8298015f888ffe3ff60b1a97"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d5f76f812d2c0ea6dd651b0586be49e85ecca085"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CPQP-HX9F-HV6W
Vulnerability from github – Published: 2025-03-18 21:31 – Updated: 2025-03-18 21:31In the Linux kernel, the following vulnerability has been resolved:
drm/amd/pm: fix a potential gpu_metrics_table memory leak
Memory is allocated for gpu_metrics_table in renoir_init_smc_tables(), but not freed in int smu_v12_0_fini_smc_tables(). Free it!
{
"affected": [],
"aliases": [
"CVE-2021-4453"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-26T06:37:29Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: fix a potential gpu_metrics_table memory leak\n\nMemory is allocated for gpu_metrics_table in renoir_init_smc_tables(),\nbut not freed in int smu_v12_0_fini_smc_tables(). Free it!",
"id": "GHSA-cpqp-hx9f-hv6w",
"modified": "2025-03-18T21:31:59Z",
"published": "2025-03-18T21:31:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4453"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/222cebd995cdf11fe0d502749560f65e64990e55"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/257b3bb16634fd936129fe2f57a91594a75b8751"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/aa464957f7e660abd554f2546a588f6533720e21"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CPQV-3MXP-373V
Vulnerability from github – Published: 2025-10-07 18:31 – Updated: 2026-02-03 21:31In the Linux kernel, the following vulnerability has been resolved:
drm/i915: Fix memory leaks in i915 selftests
This patch fixes memory leaks on error escapes in function fake_get_pages
(cherry picked from commit 8bfbdadce85c4c51689da10f39c805a7106d4567)
{
"affected": [],
"aliases": [
"CVE-2023-53677"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-07T16:15:51Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915: Fix memory leaks in i915 selftests\n\nThis patch fixes memory leaks on error escapes in function fake_get_pages\n\n(cherry picked from commit 8bfbdadce85c4c51689da10f39c805a7106d4567)",
"id": "GHSA-cpqv-3mxp-373v",
"modified": "2026-02-03T21:31:47Z",
"published": "2025-10-07T18:31:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53677"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/596d7308e189a3230bf33d667b64acc73846c2d0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/803033c148f754f32da1b93926c49c22731ec485"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CPXQ-P7W9-J6HF
Vulnerability from github – Published: 2022-05-24 22:00 – Updated: 2022-05-24 22:00ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.
{
"affected": [],
"aliases": [
"CVE-2019-16713"
],
"database_specific": {
"cwe_ids": [
"CWE-401",
"CWE-772"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-09-23T12:15:00Z",
"severity": "MODERATE"
},
"details": "ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.",
"id": "GHSA-cpxq-p7w9-j6hf",
"modified": "2022-05-24T22:00:42Z",
"published": "2022-05-24T22:00:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16713"
},
{
"type": "WEB",
"url": "https://github.com/ImageMagick/ImageMagick/issues/1558"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4192-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2020/dsa-4712"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-41
Strategy: Libraries or Frameworks
- Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
- For example, glibc in Linux provides protection against free of invalid pointers.
- When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
- To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Use an abstraction library to abstract away risky APIs. Not a complete solution.
Mitigation
Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.
No CAPEC attack patterns related to this CWE.