Common Weakness Enumeration

CWE-401

Allowed

Missing Release of Memory after Effective Lifetime

Abstraction: Variant · Status: Draft

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

2002 vulnerabilities reference this CWE, most recent first.

GHSA-CQ56-J359-2484

Vulnerability from github – Published: 2022-11-01 19:00 – Updated: 2022-11-04 19:01
VLAI
Details

Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by Dom0. This will allow two malicious guests working together to create an arbitrary number of Xenstore nodes. This is possible by domain A letting domain B write into domain A's local Xenstore tree. Domain B can then create many nodes and reboot. The nodes created by domain B will now be owned by Dom0. By repeating this process over and over again an arbitrary number of nodes can be created, as Dom0's number of nodes isn't limited by Xenstore quota.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-42322"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-11-01T13:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by Dom0. This will allow two malicious guests working together to create an arbitrary number of Xenstore nodes. This is possible by domain A letting domain B write into domain A\u0027s local Xenstore tree. Domain B can then create many nodes and reboot. The nodes created by domain B will now be owned by Dom0. By repeating this process over and over again an arbitrary number of nodes can be created, as Dom0\u0027s number of nodes isn\u0027t limited by Xenstore quota.",
  "id": "GHSA-cq56-j359-2484",
  "modified": "2022-11-04T19:01:17Z",
  "published": "2022-11-01T19:00:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42322"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTMITQBGC23MSDHUCAPCVGLMVXIBXQTQ"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLI2NPNEH7CNJO3VZGQNOI4M4EWLNKPZ"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTMITQBGC23MSDHUCAPCVGLMVXIBXQTQ"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLI2NPNEH7CNJO3VZGQNOI4M4EWLNKPZ"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202402-07"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2022/dsa-5272"
    },
    {
      "type": "WEB",
      "url": "https://xenbits.xenproject.org/xsa/advisory-419.txt"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2022/11/01/9"
    },
    {
      "type": "WEB",
      "url": "http://xenbits.xen.org/xsa/advisory-419.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CQ62-68RX-VM58

Vulnerability from github – Published: 2026-05-06 12:30 – Updated: 2026-05-13 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

media: iris: gen1: Destroy internal buffers after FW releases

After the firmware releases internal buffers, the driver was not destroying them. This left stale allocations that were no longer used, especially across resolution changes where new buffers are allocated per the updated requirements. As a result, memory was wasted until session close.

Destroy internal buffers once the release response is received from the firmware.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-43142"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-06T12:16:31Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: iris: gen1: Destroy internal buffers after FW releases\n\nAfter the firmware releases internal buffers, the driver was not\ndestroying them. This left stale allocations that were no longer used,\nespecially across resolution changes where new buffers are allocated per\nthe updated requirements. As a result, memory was wasted until session\nclose.\n\nDestroy internal buffers once the release response is received from the\nfirmware.",
  "id": "GHSA-cq62-68rx-vm58",
  "modified": "2026-05-13T21:31:57Z",
  "published": "2026-05-06T12:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43142"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1dabf00ee206eceb0f08a1fe5d1ce635f9064338"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7cde76db8883ec8a3d1456068079ecadbfb15ca5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d4457f23ac0130240053a34be663f0fade3bb371"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CQ96-72F3-PCHH

Vulnerability from github – Published: 2022-05-24 17:46 – Updated: 2022-05-24 17:46
VLAI
Details

An issue was discovered in the Linux kernel before 5.8.10. virt/kvm/kvm_main.c has a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure, aka CID-f65886606c2d.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-36312"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-04-07T00:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in the Linux kernel before 5.8.10. virt/kvm/kvm_main.c has a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure, aka CID-f65886606c2d.",
  "id": "GHSA-cq96-72f3-pchh",
  "modified": "2022-05-24T17:46:44Z",
  "published": "2022-05-24T17:46:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36312"
    },
    {
      "type": "WEB",
      "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.10"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f65886606c2d3b562716de030706dfe1bea4ed5e"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-CQGM-HP7P-3M66

Vulnerability from github – Published: 2024-02-29 03:33 – Updated: 2024-03-12 15:32
VLAI
Details

A memory leak issue discovered in parseSWF_DEFINEBUTTON in libming v0.4.8 allows attackers to cause s denial of service via a crafted SWF file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-24146"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401",
      "CWE-434"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-29T01:44:11Z",
    "severity": "MODERATE"
  },
  "details": "A memory leak issue discovered in parseSWF_DEFINEBUTTON in libming v0.4.8 allows attackers to cause s denial of service via a crafted SWF file.",
  "id": "GHSA-cqgm-hp7p-3m66",
  "modified": "2024-03-12T15:32:15Z",
  "published": "2024-02-29T03:33:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24146"
    },
    {
      "type": "WEB",
      "url": "https://github.com/libming/libming/issues/307"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CQGM-M7H3-XGWM

Vulnerability from github – Published: 2023-06-06 12:30 – Updated: 2024-04-04 04:35
VLAI
Details

There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse function. which will cause out-of-memory in server and cause crash.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-33460"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-06-06T12:15:09Z",
    "severity": "MODERATE"
  },
  "details": "There\u0027s a memory leak in yajl 2.1.0 with use of yajl_tree_parse function. which will cause out-of-memory in server and cause crash.",
  "id": "GHSA-cqgm-m7h3-xgwm",
  "modified": "2024-04-04T04:35:05Z",
  "published": "2023-06-06T12:30:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33460"
    },
    {
      "type": "WEB",
      "url": "https://github.com/lloyd/yajl/issues/250"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00013.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00003.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBUUHG27RM4ROEYKMVRROR27AX6R63MB"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KLE3C4CECEJ4EUYI56KXI6OWACWXX7WN"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YO32YDJ74DADC7CMJNLSLBVWN5EXGF5J"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBUUHG27RM4ROEYKMVRROR27AX6R63MB"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLE3C4CECEJ4EUYI56KXI6OWACWXX7WN"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YO32YDJ74DADC7CMJNLSLBVWN5EXGF5J"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CQJ2-H3VQ-982W

Vulnerability from github – Published: 2022-05-24 17:46 – Updated: 2024-03-21 03:34
VLAI
Details

** DISPUTED ** Module/Settings/UserExport.php in Friendica through 2021.01 allows settings/userexport to be used by anonymous users, as demonstrated by an attempted access to an array offset on a value of type null, and excessive memory consumption. NOTE: the vendor states "the feature still requires a valid authentication cookie even if the route is accessible to non-logged users."

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-30141"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-04-05T23:15:00Z",
    "severity": "HIGH"
  },
  "details": "** DISPUTED ** Module/Settings/UserExport.php in Friendica through 2021.01 allows settings/userexport to be used by anonymous users, as demonstrated by an attempted access to an array offset on a value of type null, and excessive memory consumption. NOTE: the vendor states \"the feature still requires a valid authentication cookie even if the route is accessible to non-logged users.\"",
  "id": "GHSA-cqj2-h3vq-982w",
  "modified": "2024-03-21T03:34:03Z",
  "published": "2022-05-24T17:46:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30141"
    },
    {
      "type": "WEB",
      "url": "https://github.com/friendica/friendica/issues/10110"
    },
    {
      "type": "WEB",
      "url": "https://github.com/friendica/friendica/pull/10113/commits/acbcc56754121ba080eac5b6fdf69e64ed7fe453"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CQJP-PFHX-4JWV

Vulnerability from github – Published: 2026-01-20 18:31 – Updated: 2026-01-21 15:31
VLAI
Details

In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 (2024-02-18), a memory leak occurs due to the broker's failure to validate or reject malformed UTF-8 strings in topic filters. An attacker can exploit this by sending repeated subscription requests with arbitrarily large or invalid filter payloads. Each request causes memory to be allocated for the malformed topic filter, but the broker does not free the associated memory, leading to unbounded heap growth and potential denial of service under sustained attack.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-56353"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-20T16:16:05Z",
    "severity": "HIGH"
  },
  "details": "In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 (2024-02-18), a memory leak occurs due to the broker\u0027s failure to validate or reject malformed UTF-8 strings in topic filters. An attacker can exploit this by sending repeated subscription requests with arbitrarily large or invalid filter payloads. Each request causes memory to be allocated for the malformed topic filter, but the broker does not free the associated memory, leading to unbounded heap growth and potential denial of service under sustained attack.",
  "id": "GHSA-cqjp-pfhx-4jwv",
  "modified": "2026-01-21T15:31:15Z",
  "published": "2026-01-20T18:31:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-56353"
    },
    {
      "type": "WEB",
      "url": "https://github.com/JustDoIt0910/tinyMQTT/issues/19"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CQRQ-5CQ5-J744

Vulnerability from github – Published: 2025-05-02 18:31 – Updated: 2025-11-12 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

usb: dwc2: fix a devres leak in hw_enable upon suspend resume

Each time the platform goes to low power, PM suspend / resume routines call: __dwc2_lowlevel_hw_enable -> devm_add_action_or_reset(). This adds a new devres each time. This may also happen at runtime, as dwc2_lowlevel_hw_enable() can be called from udc_start().

This can be seen with tracing: - echo 1 > /sys/kernel/debug/tracing/events/dev/devres_log/enable - go to low power - cat /sys/kernel/debug/tracing/trace

A new "ADD" entry is found upon each low power cycle: ... devres_log: 49000000.usb-otg ADD 82a13bba devm_action_release (8 bytes) ... devres_log: 49000000.usb-otg ADD 49889daf devm_action_release (8 bytes) ...

A second issue is addressed here: - regulator_bulk_enable() is called upon each PM cycle (suspend/resume). - regulator_bulk_disable() never gets called.

So the reference count for these regulators constantly increase, by one upon each low power cycle, due to missing regulator_bulk_disable() call in __dwc2_lowlevel_hw_disable().

The original fix that introduced the devm_add_action_or_reset() call, fixed an issue during probe, that happens due to other errors in dwc2_driver_probe() -> dwc2_core_reset(). Then the probe fails without disabling regulators, when dr_mode == USB_DR_MODE_PERIPHERAL.

Rather fix the error path: disable all the low level hardware in the error path, by using the "hsotg->ll_hw_enabled" flag. Checking dr_mode has been introduced to avoid a dual call to dwc2_lowlevel_hw_disable(). "ll_hw_enabled" should achieve the same (and is used currently in the remove() routine).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-53054"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-02T16:15:24Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc2: fix a devres leak in hw_enable upon suspend resume\n\nEach time the platform goes to low power, PM suspend / resume routines\ncall: __dwc2_lowlevel_hw_enable -\u003e devm_add_action_or_reset().\nThis adds a new devres each time.\nThis may also happen at runtime, as dwc2_lowlevel_hw_enable() can be\ncalled from udc_start().\n\nThis can be seen with tracing:\n- echo 1 \u003e /sys/kernel/debug/tracing/events/dev/devres_log/enable\n- go to low power\n- cat /sys/kernel/debug/tracing/trace\n\nA new \"ADD\" entry is found upon each low power cycle:\n... devres_log: 49000000.usb-otg ADD 82a13bba devm_action_release (8 bytes)\n... devres_log: 49000000.usb-otg ADD 49889daf devm_action_release (8 bytes)\n...\n\nA second issue is addressed here:\n- regulator_bulk_enable() is called upon each PM cycle (suspend/resume).\n- regulator_bulk_disable() never gets called.\n\nSo the reference count for these regulators constantly increase, by one\nupon each low power cycle, due to missing regulator_bulk_disable() call\nin __dwc2_lowlevel_hw_disable().\n\nThe original fix that introduced the devm_add_action_or_reset() call,\nfixed an issue during probe, that happens due to other errors in\ndwc2_driver_probe() -\u003e dwc2_core_reset(). Then the probe fails without\ndisabling regulators, when dr_mode == USB_DR_MODE_PERIPHERAL.\n\nRather fix the error path: disable all the low level hardware in the\nerror path, by using the \"hsotg-\u003ell_hw_enabled\" flag. Checking dr_mode\nhas been introduced to avoid a dual call to dwc2_lowlevel_hw_disable().\n\"ll_hw_enabled\" should achieve the same (and is used currently in the\nremove() routine).",
  "id": "GHSA-cqrq-5cq5-j744",
  "modified": "2025-11-12T18:31:04Z",
  "published": "2025-05-02T18:31:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53054"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1f01027c51eb16145e8e07fafea3ca07ef102d06"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6485fc381b6528b6f547ee1ff10bdbcbe31a6e4c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cba76e1fb896b573f09f51aa299223276a77bc90"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f747313249b74f323ddf841a9c8db14d989f296a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ffb8ab6f87bd28d700ab5c20d9d3a7e75067630d"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CR5R-Q6MH-HR56

Vulnerability from github – Published: 2022-05-02 00:05 – Updated: 2022-05-02 00:05
VLAI
Details

Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to "error handling logic".

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2008-3913"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-09-11T01:13:00Z",
    "severity": "MODERATE"
  },
  "details": "Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to \"error handling logic\".",
  "id": "GHSA-cr5r-q6mh-hr56",
  "modified": "2022-05-02T00:05:01Z",
  "published": "2022-05-02T00:05:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3913"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45057"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.html"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.html"
    },
    {
      "type": "WEB",
      "url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141"
    },
    {
      "type": "WEB",
      "url": "http://kolab.org/security/kolab-vendor-notice-22.txt"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31906"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31982"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/32030"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/32222"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/32424"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/32699"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200809-18.xml"
    },
    {
      "type": "WEB",
      "url": "http://sourceforge.net/project/shownotes.php?group_id=86638\u0026release_id=623661"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT3216"
    },
    {
      "type": "WEB",
      "url": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2008/dsa-1660"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:189"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2008/09/03/2"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2008/09/04/13"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/31051"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/31681"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020828"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2564"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2780"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-CR8F-M6RJ-F9QJ

Vulnerability from github – Published: 2025-05-02 18:31 – Updated: 2025-11-12 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

octeontx2-vf: Add missing free for alloc_percpu

Add the free_percpu for the allocated "vf->hw.lmt_info" in order to avoid memory leak, same as the "pf->hw.lmt_info" in drivers/net/ethernet/marvell/octeontx2/nic/otx2_pf.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-53069"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-02T16:15:25Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-vf: Add missing free for alloc_percpu\n\nAdd the free_percpu for the allocated \"vf-\u003ehw.lmt_info\" in order to avoid\nmemory leak, same as the \"pf-\u003ehw.lmt_info\" in\n`drivers/net/ethernet/marvell/octeontx2/nic/otx2_pf.c`.",
  "id": "GHSA-cr8f-m6rj-f9qj",
  "modified": "2025-11-12T21:31:00Z",
  "published": "2025-05-02T18:31:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53069"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/813b590840771890c738ce6dbfd0c5938a1bafb9"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/840631bcf21f58c0a3f01378a54d79e9ce86b226"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/90874b76e5f82eaa3309714d72ff2cd8bb8d1b02"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f038f3917baf04835ba2b7bcf2a04ac93fbf8a9c"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-41
Implementation

Strategy: Libraries or Frameworks

  • Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
  • For example, glibc in Linux provides protection against free of invalid pointers.
  • When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
  • To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Architecture and Design

Use an abstraction library to abstract away risky APIs. Not a complete solution.

Mitigation
Architecture and Design Build and Compilation

Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.

No CAPEC attack patterns related to this CWE.