CWE-401
AllowedMissing Release of Memory after Effective Lifetime
Abstraction: Variant · Status: Draft
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
2002 vulnerabilities reference this CWE, most recent first.
GHSA-CQ56-J359-2484
Vulnerability from github – Published: 2022-11-01 19:00 – Updated: 2022-11-04 19:01Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by Dom0. This will allow two malicious guests working together to create an arbitrary number of Xenstore nodes. This is possible by domain A letting domain B write into domain A's local Xenstore tree. Domain B can then create many nodes and reboot. The nodes created by domain B will now be owned by Dom0. By repeating this process over and over again an arbitrary number of nodes can be created, as Dom0's number of nodes isn't limited by Xenstore quota.
{
"affected": [],
"aliases": [
"CVE-2022-42322"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-11-01T13:15:00Z",
"severity": "MODERATE"
},
"details": "Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by Dom0. This will allow two malicious guests working together to create an arbitrary number of Xenstore nodes. This is possible by domain A letting domain B write into domain A\u0027s local Xenstore tree. Domain B can then create many nodes and reboot. The nodes created by domain B will now be owned by Dom0. By repeating this process over and over again an arbitrary number of nodes can be created, as Dom0\u0027s number of nodes isn\u0027t limited by Xenstore quota.",
"id": "GHSA-cq56-j359-2484",
"modified": "2022-11-04T19:01:17Z",
"published": "2022-11-01T19:00:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42322"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTMITQBGC23MSDHUCAPCVGLMVXIBXQTQ"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLI2NPNEH7CNJO3VZGQNOI4M4EWLNKPZ"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTMITQBGC23MSDHUCAPCVGLMVXIBXQTQ"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLI2NPNEH7CNJO3VZGQNOI4M4EWLNKPZ"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202402-07"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2022/dsa-5272"
},
{
"type": "WEB",
"url": "https://xenbits.xenproject.org/xsa/advisory-419.txt"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/11/01/9"
},
{
"type": "WEB",
"url": "http://xenbits.xen.org/xsa/advisory-419.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CQ62-68RX-VM58
Vulnerability from github – Published: 2026-05-06 12:30 – Updated: 2026-05-13 21:31In the Linux kernel, the following vulnerability has been resolved:
media: iris: gen1: Destroy internal buffers after FW releases
After the firmware releases internal buffers, the driver was not destroying them. This left stale allocations that were no longer used, especially across resolution changes where new buffers are allocated per the updated requirements. As a result, memory was wasted until session close.
Destroy internal buffers once the release response is received from the firmware.
{
"affected": [],
"aliases": [
"CVE-2026-43142"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-06T12:16:31Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: iris: gen1: Destroy internal buffers after FW releases\n\nAfter the firmware releases internal buffers, the driver was not\ndestroying them. This left stale allocations that were no longer used,\nespecially across resolution changes where new buffers are allocated per\nthe updated requirements. As a result, memory was wasted until session\nclose.\n\nDestroy internal buffers once the release response is received from the\nfirmware.",
"id": "GHSA-cq62-68rx-vm58",
"modified": "2026-05-13T21:31:57Z",
"published": "2026-05-06T12:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43142"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1dabf00ee206eceb0f08a1fe5d1ce635f9064338"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7cde76db8883ec8a3d1456068079ecadbfb15ca5"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d4457f23ac0130240053a34be663f0fade3bb371"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CQ96-72F3-PCHH
Vulnerability from github – Published: 2022-05-24 17:46 – Updated: 2022-05-24 17:46An issue was discovered in the Linux kernel before 5.8.10. virt/kvm/kvm_main.c has a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure, aka CID-f65886606c2d.
{
"affected": [],
"aliases": [
"CVE-2020-36312"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-04-07T00:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in the Linux kernel before 5.8.10. virt/kvm/kvm_main.c has a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure, aka CID-f65886606c2d.",
"id": "GHSA-cq96-72f3-pchh",
"modified": "2022-05-24T17:46:44Z",
"published": "2022-05-24T17:46:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36312"
},
{
"type": "WEB",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.10"
},
{
"type": "WEB",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f65886606c2d3b562716de030706dfe1bea4ed5e"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-CQGM-HP7P-3M66
Vulnerability from github – Published: 2024-02-29 03:33 – Updated: 2024-03-12 15:32A memory leak issue discovered in parseSWF_DEFINEBUTTON in libming v0.4.8 allows attackers to cause s denial of service via a crafted SWF file.
{
"affected": [],
"aliases": [
"CVE-2024-24146"
],
"database_specific": {
"cwe_ids": [
"CWE-401",
"CWE-434"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-29T01:44:11Z",
"severity": "MODERATE"
},
"details": "A memory leak issue discovered in parseSWF_DEFINEBUTTON in libming v0.4.8 allows attackers to cause s denial of service via a crafted SWF file.",
"id": "GHSA-cqgm-hp7p-3m66",
"modified": "2024-03-12T15:32:15Z",
"published": "2024-02-29T03:33:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24146"
},
{
"type": "WEB",
"url": "https://github.com/libming/libming/issues/307"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CQGM-M7H3-XGWM
Vulnerability from github – Published: 2023-06-06 12:30 – Updated: 2024-04-04 04:35There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse function. which will cause out-of-memory in server and cause crash.
{
"affected": [],
"aliases": [
"CVE-2023-33460"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-06T12:15:09Z",
"severity": "MODERATE"
},
"details": "There\u0027s a memory leak in yajl 2.1.0 with use of yajl_tree_parse function. which will cause out-of-memory in server and cause crash.",
"id": "GHSA-cqgm-m7h3-xgwm",
"modified": "2024-04-04T04:35:05Z",
"published": "2023-06-06T12:30:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33460"
},
{
"type": "WEB",
"url": "https://github.com/lloyd/yajl/issues/250"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00000.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00013.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00003.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBUUHG27RM4ROEYKMVRROR27AX6R63MB"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KLE3C4CECEJ4EUYI56KXI6OWACWXX7WN"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YO32YDJ74DADC7CMJNLSLBVWN5EXGF5J"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBUUHG27RM4ROEYKMVRROR27AX6R63MB"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLE3C4CECEJ4EUYI56KXI6OWACWXX7WN"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YO32YDJ74DADC7CMJNLSLBVWN5EXGF5J"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CQJ2-H3VQ-982W
Vulnerability from github – Published: 2022-05-24 17:46 – Updated: 2024-03-21 03:34** DISPUTED ** Module/Settings/UserExport.php in Friendica through 2021.01 allows settings/userexport to be used by anonymous users, as demonstrated by an attempted access to an array offset on a value of type null, and excessive memory consumption. NOTE: the vendor states "the feature still requires a valid authentication cookie even if the route is accessible to non-logged users."
{
"affected": [],
"aliases": [
"CVE-2021-30141"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-04-05T23:15:00Z",
"severity": "HIGH"
},
"details": "** DISPUTED ** Module/Settings/UserExport.php in Friendica through 2021.01 allows settings/userexport to be used by anonymous users, as demonstrated by an attempted access to an array offset on a value of type null, and excessive memory consumption. NOTE: the vendor states \"the feature still requires a valid authentication cookie even if the route is accessible to non-logged users.\"",
"id": "GHSA-cqj2-h3vq-982w",
"modified": "2024-03-21T03:34:03Z",
"published": "2022-05-24T17:46:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30141"
},
{
"type": "WEB",
"url": "https://github.com/friendica/friendica/issues/10110"
},
{
"type": "WEB",
"url": "https://github.com/friendica/friendica/pull/10113/commits/acbcc56754121ba080eac5b6fdf69e64ed7fe453"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CQJP-PFHX-4JWV
Vulnerability from github – Published: 2026-01-20 18:31 – Updated: 2026-01-21 15:31In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 (2024-02-18), a memory leak occurs due to the broker's failure to validate or reject malformed UTF-8 strings in topic filters. An attacker can exploit this by sending repeated subscription requests with arbitrarily large or invalid filter payloads. Each request causes memory to be allocated for the malformed topic filter, but the broker does not free the associated memory, leading to unbounded heap growth and potential denial of service under sustained attack.
{
"affected": [],
"aliases": [
"CVE-2025-56353"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-20T16:16:05Z",
"severity": "HIGH"
},
"details": "In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 (2024-02-18), a memory leak occurs due to the broker\u0027s failure to validate or reject malformed UTF-8 strings in topic filters. An attacker can exploit this by sending repeated subscription requests with arbitrarily large or invalid filter payloads. Each request causes memory to be allocated for the malformed topic filter, but the broker does not free the associated memory, leading to unbounded heap growth and potential denial of service under sustained attack.",
"id": "GHSA-cqjp-pfhx-4jwv",
"modified": "2026-01-21T15:31:15Z",
"published": "2026-01-20T18:31:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-56353"
},
{
"type": "WEB",
"url": "https://github.com/JustDoIt0910/tinyMQTT/issues/19"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CQRQ-5CQ5-J744
Vulnerability from github – Published: 2025-05-02 18:31 – Updated: 2025-11-12 18:31In the Linux kernel, the following vulnerability has been resolved:
usb: dwc2: fix a devres leak in hw_enable upon suspend resume
Each time the platform goes to low power, PM suspend / resume routines call: __dwc2_lowlevel_hw_enable -> devm_add_action_or_reset(). This adds a new devres each time. This may also happen at runtime, as dwc2_lowlevel_hw_enable() can be called from udc_start().
This can be seen with tracing: - echo 1 > /sys/kernel/debug/tracing/events/dev/devres_log/enable - go to low power - cat /sys/kernel/debug/tracing/trace
A new "ADD" entry is found upon each low power cycle: ... devres_log: 49000000.usb-otg ADD 82a13bba devm_action_release (8 bytes) ... devres_log: 49000000.usb-otg ADD 49889daf devm_action_release (8 bytes) ...
A second issue is addressed here: - regulator_bulk_enable() is called upon each PM cycle (suspend/resume). - regulator_bulk_disable() never gets called.
So the reference count for these regulators constantly increase, by one upon each low power cycle, due to missing regulator_bulk_disable() call in __dwc2_lowlevel_hw_disable().
The original fix that introduced the devm_add_action_or_reset() call, fixed an issue during probe, that happens due to other errors in dwc2_driver_probe() -> dwc2_core_reset(). Then the probe fails without disabling regulators, when dr_mode == USB_DR_MODE_PERIPHERAL.
Rather fix the error path: disable all the low level hardware in the error path, by using the "hsotg->ll_hw_enabled" flag. Checking dr_mode has been introduced to avoid a dual call to dwc2_lowlevel_hw_disable(). "ll_hw_enabled" should achieve the same (and is used currently in the remove() routine).
{
"affected": [],
"aliases": [
"CVE-2023-53054"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-02T16:15:24Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc2: fix a devres leak in hw_enable upon suspend resume\n\nEach time the platform goes to low power, PM suspend / resume routines\ncall: __dwc2_lowlevel_hw_enable -\u003e devm_add_action_or_reset().\nThis adds a new devres each time.\nThis may also happen at runtime, as dwc2_lowlevel_hw_enable() can be\ncalled from udc_start().\n\nThis can be seen with tracing:\n- echo 1 \u003e /sys/kernel/debug/tracing/events/dev/devres_log/enable\n- go to low power\n- cat /sys/kernel/debug/tracing/trace\n\nA new \"ADD\" entry is found upon each low power cycle:\n... devres_log: 49000000.usb-otg ADD 82a13bba devm_action_release (8 bytes)\n... devres_log: 49000000.usb-otg ADD 49889daf devm_action_release (8 bytes)\n...\n\nA second issue is addressed here:\n- regulator_bulk_enable() is called upon each PM cycle (suspend/resume).\n- regulator_bulk_disable() never gets called.\n\nSo the reference count for these regulators constantly increase, by one\nupon each low power cycle, due to missing regulator_bulk_disable() call\nin __dwc2_lowlevel_hw_disable().\n\nThe original fix that introduced the devm_add_action_or_reset() call,\nfixed an issue during probe, that happens due to other errors in\ndwc2_driver_probe() -\u003e dwc2_core_reset(). Then the probe fails without\ndisabling regulators, when dr_mode == USB_DR_MODE_PERIPHERAL.\n\nRather fix the error path: disable all the low level hardware in the\nerror path, by using the \"hsotg-\u003ell_hw_enabled\" flag. Checking dr_mode\nhas been introduced to avoid a dual call to dwc2_lowlevel_hw_disable().\n\"ll_hw_enabled\" should achieve the same (and is used currently in the\nremove() routine).",
"id": "GHSA-cqrq-5cq5-j744",
"modified": "2025-11-12T18:31:04Z",
"published": "2025-05-02T18:31:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53054"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1f01027c51eb16145e8e07fafea3ca07ef102d06"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6485fc381b6528b6f547ee1ff10bdbcbe31a6e4c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cba76e1fb896b573f09f51aa299223276a77bc90"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f747313249b74f323ddf841a9c8db14d989f296a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ffb8ab6f87bd28d700ab5c20d9d3a7e75067630d"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CR5R-Q6MH-HR56
Vulnerability from github – Published: 2022-05-02 00:05 – Updated: 2022-05-02 00:05Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to "error handling logic".
{
"affected": [],
"aliases": [
"CVE-2008-3913"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2008-09-11T01:13:00Z",
"severity": "MODERATE"
},
"details": "Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to \"error handling logic\".",
"id": "GHSA-cr5r-q6mh-hr56",
"modified": "2022-05-02T00:05:01Z",
"published": "2022-05-02T00:05:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3913"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45057"
},
{
"type": "WEB",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.html"
},
{
"type": "WEB",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.html"
},
{
"type": "WEB",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141"
},
{
"type": "WEB",
"url": "http://kolab.org/security/kolab-vendor-notice-22.txt"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/31906"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/31982"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/32030"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/32222"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/32424"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/32699"
},
{
"type": "WEB",
"url": "http://security.gentoo.org/glsa/glsa-200809-18.xml"
},
{
"type": "WEB",
"url": "http://sourceforge.net/project/shownotes.php?group_id=86638\u0026release_id=623661"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT3216"
},
{
"type": "WEB",
"url": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2008/dsa-1660"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:189"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2008/09/03/2"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2008/09/04/13"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/31051"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/31681"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id?1020828"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2008/2564"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2008/2780"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-CR8F-M6RJ-F9QJ
Vulnerability from github – Published: 2025-05-02 18:31 – Updated: 2025-11-12 21:31In the Linux kernel, the following vulnerability has been resolved:
octeontx2-vf: Add missing free for alloc_percpu
Add the free_percpu for the allocated "vf->hw.lmt_info" in order to avoid
memory leak, same as the "pf->hw.lmt_info" in
drivers/net/ethernet/marvell/octeontx2/nic/otx2_pf.c.
{
"affected": [],
"aliases": [
"CVE-2023-53069"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-02T16:15:25Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-vf: Add missing free for alloc_percpu\n\nAdd the free_percpu for the allocated \"vf-\u003ehw.lmt_info\" in order to avoid\nmemory leak, same as the \"pf-\u003ehw.lmt_info\" in\n`drivers/net/ethernet/marvell/octeontx2/nic/otx2_pf.c`.",
"id": "GHSA-cr8f-m6rj-f9qj",
"modified": "2025-11-12T21:31:00Z",
"published": "2025-05-02T18:31:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53069"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/813b590840771890c738ce6dbfd0c5938a1bafb9"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/840631bcf21f58c0a3f01378a54d79e9ce86b226"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/90874b76e5f82eaa3309714d72ff2cd8bb8d1b02"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f038f3917baf04835ba2b7bcf2a04ac93fbf8a9c"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-41
Strategy: Libraries or Frameworks
- Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
- For example, glibc in Linux provides protection against free of invalid pointers.
- When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
- To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Use an abstraction library to abstract away risky APIs. Not a complete solution.
Mitigation
Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.
No CAPEC attack patterns related to this CWE.