Common Weakness Enumeration

CWE-401

Allowed

Missing Release of Memory after Effective Lifetime

Abstraction: Variant · Status: Draft

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

2002 vulnerabilities reference this CWE, most recent first.

GHSA-F8G6-27F9-3R98

Vulnerability from github – Published: 2024-03-02 00:31 – Updated: 2024-12-12 15:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

uio_hv_generic: Fix a memory leak in error handling paths

If 'vmbus_establish_gpadl()' fails, the (recv|send)_gpadl will not be updated and 'hv_uio_cleanup()' in the error handling path will not be able to free the corresponding buffer.

In such a case, we need to free the buffer explicitly.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-47071"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-01T22:15:46Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nuio_hv_generic: Fix a memory leak in error handling paths\n\nIf \u0027vmbus_establish_gpadl()\u0027 fails, the (recv|send)_gpadl will not be\nupdated and \u0027hv_uio_cleanup()\u0027 in the error handling path will not be\nable to free the corresponding buffer.\n\nIn such a case, we need to free the buffer explicitly.",
  "id": "GHSA-f8g6-27f9-3r98",
  "modified": "2024-12-12T15:31:05Z",
  "published": "2024-03-02T00:31:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47071"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3ee098f96b8b6c1a98f7f97915f8873164e6af9d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/53486c467e356e06aa37047c984fccd64d78c827"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cdd91637d4ef33e2be19a8e16e72e7d00c996d76"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d84b5e912212b05f6b5bde9f682046accfbe0354"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-F92V-9WHH-9H2Q

Vulnerability from github – Published: 2025-08-14 18:31 – Updated: 2025-08-14 18:31
VLAI
Details

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco IOS Software, IOS XE Software, Secure Firewall Adaptive Security Appliance (ASA) Software, and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition.

This vulnerability is due to a lack of proper processing of IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device. In the case of Cisco IOS and IOS XE Software, a successful exploit could allow the attacker to cause the device to reload unexpectedly. In the case of Cisco ASA and FTD Software, a successful exploit could allow the attacker to partially exhaust system memory, causing system instability such as being unable to establish new IKEv2 VPN sessions. A manual reboot of the device is required to recover from this condition.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-20225"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-14T17:15:36Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco IOS Software, IOS XE Software, Secure Firewall Adaptive Security Appliance (ASA) Software, and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition.\n\n This vulnerability is due to a lack of proper processing of IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device. In the case of Cisco IOS and IOS XE Software, a successful exploit could allow the attacker to cause the device to reload unexpectedly. In the case of Cisco ASA and FTD Software, a successful exploit could allow the attacker to partially exhaust system memory, causing system instability such as being unable to establish new IKEv2 VPN sessions. A manual reboot of the device is required to recover from this condition.",
  "id": "GHSA-f92v-9whh-9h2q",
  "modified": "2025-08-14T18:31:29Z",
  "published": "2025-08-14T18:31:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20225"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ios-dos-DOESHWHy"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-F985-CWRV-F4QP

Vulnerability from github – Published: 2024-04-16 18:31 – Updated: 2024-11-20 18:32
VLAI
Details

An out-of-memory condition during object initialization could result in an empty shape list. If the JIT subsequently traced the object it would crash. This vulnerability affects Firefox < 125.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-3860"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-16T16:15:08Z",
    "severity": "MODERATE"
  },
  "details": "An out-of-memory condition during object initialization could result in an empty shape list. If the JIT subsequently traced the object it would crash. This vulnerability affects Firefox \u003c 125.",
  "id": "GHSA-f985-cwrv-f4qp",
  "modified": "2024-11-20T18:32:14Z",
  "published": "2024-04-16T18:31:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3860"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1881417"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2024-18"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-F9GX-FRHW-G435

Vulnerability from github – Published: 2026-05-28 12:30 – Updated: 2026-05-30 12:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/xe: Fix dma-buf attachment leak in xe_gem_prime_import()

When xe_dma_buf_init_obj() fails, the attachment from dma_buf_dynamic_attach() is not detached. Add dma_buf_detach() before returning the error. Note: we cannot use goto out_err here because xe_dma_buf_init_obj() already frees bo on failure, and out_err would double-free it.

(cherry picked from commit a828eb185aac41800df8eae4b60501ccc0dbbe51)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-46201"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-28T10:16:35Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Fix dma-buf attachment leak in xe_gem_prime_import()\n\nWhen xe_dma_buf_init_obj() fails, the attachment from\ndma_buf_dynamic_attach() is not detached. Add dma_buf_detach() before\nreturning the error. Note: we cannot use goto out_err here because\nxe_dma_buf_init_obj() already frees bo on failure, and out_err would\ndouble-free it.\n\n(cherry picked from commit a828eb185aac41800df8eae4b60501ccc0dbbe51)",
  "id": "GHSA-f9gx-frhw-g435",
  "modified": "2026-05-30T12:30:25Z",
  "published": "2026-05-28T12:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46201"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0afa8b1ef582ecf6fb04097fd356f8741e5005ed"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/111ab678471bf1f90d078d5513bb086b70596c3c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d394669e194936d7ce15284a24a5ae334c4c5b74"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/eea1e10f8d99c0f04deef707c99705b94bba3b78"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-F9WF-XVM8-M6QP

Vulnerability from github – Published: 2025-09-18 15:30 – Updated: 2025-12-12 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

staging: greybus: audio_helper: remove unused and wrong debugfs usage

In the greybus audio_helper code, the debugfs file for the dapm has the potential to be removed and memory will be leaked. There is also the very real potential for this code to remove ALL debugfs entries from the system, and it seems like this is what will really happen if this code ever runs. This all is very wrong as the greybus audio driver did not create this debugfs file, the sound core did and controls the lifespan of it.

So remove all of the debugfs logic from the audio_helper code as there's no way it could be correct. If this really is needed, it can come back with a fixup for the incorrect usage of the debugfs_lookup() call which is what caused this to be noticed at all.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-50400"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-18T14:15:39Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: greybus: audio_helper: remove unused and wrong debugfs usage\n\nIn the greybus audio_helper code, the debugfs file for the dapm has the\npotential to be removed and memory will be leaked.  There is also the\nvery real potential for this code to remove ALL debugfs entries from the\nsystem, and it seems like this is what will really happen if this code\never runs.  This all is very wrong as the greybus audio driver did not\ncreate this debugfs file, the sound core did and controls the lifespan\nof it.\n\nSo remove all of the debugfs logic from the audio_helper code as there\u0027s\nno way it could be correct.  If this really is needed, it can come back\nwith a fixup for the incorrect usage of the debugfs_lookup() call which\nis what caused this to be noticed at all.",
  "id": "GHSA-f9wf-xvm8-m6qp",
  "modified": "2025-12-12T21:31:31Z",
  "published": "2025-09-18T15:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50400"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4dab0d27a4211a27135a6899d6c737e6e0759a11"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5699afbff1fa2972722e863906c0320d55dd4d58"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d0febad83e29d85bb66e4f5cac0115b022403338"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d517cdeb904ddc0cbebcc959d43596426cac40b0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d835fa49d9589a780ff0d001bb7e6323238a4afb"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FC4J-GHGG-C9CG

Vulnerability from github – Published: 2026-02-14 18:30 – Updated: 2026-03-18 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

ASoC: amd: fix memory leak in acp3x pdm dma ops

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-23190"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-14T17:15:56Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: amd: fix memory leak in acp3x pdm dma ops",
  "id": "GHSA-fc4j-ghgg-c9cg",
  "modified": "2026-03-18T18:31:11Z",
  "published": "2026-02-14T18:30:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23190"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0e0120214b5dcb0bf6b2171bb4e68e38968b2861"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/279cb9180510f7e13c3a4dfde8c16a8fbc7c5709"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6d33640404968fe9f14a1252b337362b62fff490"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7f67ba5413f98d93116a756e7f17cd2c1d6c2bd6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9f23800c7eed06cb8ccae8a225f5e3d421b0d4cc"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c9c14d2abe4c5546fcd3a7347fadc4aad2b308d8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d7ead6512650447a4cd6db774a2379acb259650c"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FC99-JJX6-P9XQ

Vulnerability from github – Published: 2022-10-20 12:00 – Updated: 2022-10-24 19:00
VLAI
Details

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, when a SIP profile is configured on a virtual server, undisclosed messages can cause an increase in memory resource utilization.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-41832"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-10-19T22:15:00Z",
    "severity": "HIGH"
  },
  "details": "In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, when a SIP profile is configured on a virtual server, undisclosed messages can cause an increase in memory resource utilization.",
  "id": "GHSA-fc99-jjx6-p9xq",
  "modified": "2022-10-24T19:00:24Z",
  "published": "2022-10-20T12:00:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41832"
    },
    {
      "type": "WEB",
      "url": "https://support.f5.com/csp/article/K10347453"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FCFW-R6PJ-X447

Vulnerability from github – Published: 2022-05-24 17:25 – Updated: 2022-05-24 17:25
VLAI
Details

In whoopsie, parse_report() from whoopsie.c allows a local attacker to cause a denial of service via a crafted file. The DoS is caused by resource exhaustion due to a memory leak. Fixed in 0.2.52.5ubuntu0.5, 0.2.62ubuntu0.5 and 0.2.69ubuntu0.1.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-11937"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-08-06T23:15:00Z",
    "severity": "LOW"
  },
  "details": "In whoopsie, parse_report() from whoopsie.c allows a local attacker to cause a denial of service via a crafted file. The DoS is caused by resource exhaustion due to a memory leak. Fixed in 0.2.52.5ubuntu0.5, 0.2.62ubuntu0.5 and 0.2.69ubuntu0.1.",
  "id": "GHSA-fcfw-r6pj-x447",
  "modified": "2022-05-24T17:25:02Z",
  "published": "2022-05-24T17:25:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11937"
    },
    {
      "type": "WEB",
      "url": "https://github.com/sungjungk/whoopsie_killer"
    },
    {
      "type": "WEB",
      "url": "https://launchpad.net/bugs/1881982"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4450-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-FCP2-76RF-PJRC

Vulnerability from github – Published: 2024-12-27 15:31 – Updated: 2025-11-03 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init()

There's issue as follows: RPC: Registered rdma transport module. RPC: Registered rdma backchannel transport module. RPC: Unregistered rdma transport module. RPC: Unregistered rdma backchannel transport module. BUG: unable to handle page fault for address: fffffbfff80c609a PGD 123fee067 P4D 123fee067 PUD 123fea067 PMD 10c624067 PTE 0 Oops: Oops: 0000 [#1] PREEMPT SMP KASAN NOPTI RIP: 0010:percpu_counter_destroy_many+0xf7/0x2a0 Call Trace: __die+0x1f/0x70 page_fault_oops+0x2cd/0x860 spurious_kernel_fault+0x36/0x450 do_kern_addr_fault+0xca/0x100 exc_page_fault+0x128/0x150 asm_exc_page_fault+0x26/0x30 percpu_counter_destroy_many+0xf7/0x2a0 mmdrop+0x209/0x350 finish_task_switch.isra.0+0x481/0x840 schedule_tail+0xe/0xd0 ret_from_fork+0x23/0x80 ret_from_fork_asm+0x1a/0x30

If register_sysctl() return NULL, then svc_rdma_proc_cleanup() will not destroy the percpu counters which init in svc_rdma_proc_init(). If CONFIG_HOTPLUG_CPU is enabled, residual nodes may be in the 'percpu_counters' list. The above issue may occur once the module is removed. If the CONFIG_HOTPLUG_CPU configuration is not enabled, memory leakage occurs. To solve above issue just destroy all percpu counters when register_sysctl() return NULL.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-53215"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-27T14:15:29Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nsvcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init()\n\nThere\u0027s issue as follows:\nRPC: Registered rdma transport module.\nRPC: Registered rdma backchannel transport module.\nRPC: Unregistered rdma transport module.\nRPC: Unregistered rdma backchannel transport module.\nBUG: unable to handle page fault for address: fffffbfff80c609a\nPGD 123fee067 P4D 123fee067 PUD 123fea067 PMD 10c624067 PTE 0\nOops: Oops: 0000 [#1] PREEMPT SMP KASAN NOPTI\nRIP: 0010:percpu_counter_destroy_many+0xf7/0x2a0\nCall Trace:\n \u003cTASK\u003e\n __die+0x1f/0x70\n page_fault_oops+0x2cd/0x860\n spurious_kernel_fault+0x36/0x450\n do_kern_addr_fault+0xca/0x100\n exc_page_fault+0x128/0x150\n asm_exc_page_fault+0x26/0x30\n percpu_counter_destroy_many+0xf7/0x2a0\n mmdrop+0x209/0x350\n finish_task_switch.isra.0+0x481/0x840\n schedule_tail+0xe/0xd0\n ret_from_fork+0x23/0x80\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nIf register_sysctl() return NULL, then svc_rdma_proc_cleanup() will not\ndestroy the percpu counters which init in svc_rdma_proc_init().\nIf CONFIG_HOTPLUG_CPU is enabled, residual nodes may be in the\n\u0027percpu_counters\u0027 list. The above issue may occur once the module is\nremoved. If the CONFIG_HOTPLUG_CPU configuration is not enabled, memory\nleakage occurs.\nTo solve above issue just destroy all percpu counters when\nregister_sysctl() return NULL.",
  "id": "GHSA-fcp2-76rf-pjrc",
  "modified": "2025-11-03T21:31:49Z",
  "published": "2024-12-27T15:31:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53215"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1c9a99c89e45b22eb556fd2f3f729f2683f247d5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/20322edcbad82a60321a8615a99ca73a9611115f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/94d2d6d398706ab7218a26d61e12919c4b498e09"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a12c897adf40b6e2b4a56e6912380c31bd7b2479"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ce89e742a4c12b20f09a43fec1b21db33f2166cd"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ebf47215d46992caea660ec01cd618005d9e687a"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FF49-CC6C-4VWM

Vulnerability from github – Published: 2025-09-17 15:30 – Updated: 2025-12-10 00:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

usb: dwc3: core: fix some leaks in probe

The dwc3_get_properties() function calls:

dwc->usb_psy = power_supply_get_by_name(usb_psy_name);

so there is some additional clean up required on these error paths.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-50357"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-17T15:15:34Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: core: fix some leaks in probe\n\nThe dwc3_get_properties() function calls:\n\n\tdwc-\u003eusb_psy = power_supply_get_by_name(usb_psy_name);\n\nso there is some additional clean up required on these error paths.",
  "id": "GHSA-ff49-cc6c-4vwm",
  "modified": "2025-12-10T00:30:21Z",
  "published": "2025-09-17T15:30:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50357"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2a735e4b5580a2a6bbd6572109b4c4f163c57462"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3a213503f483173e7eea76f2e7e3bdd6df7fd6f8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/79c3afb55942368921237d7b5355d48c52bdde20"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-41
Implementation

Strategy: Libraries or Frameworks

  • Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
  • For example, glibc in Linux provides protection against free of invalid pointers.
  • When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
  • To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Architecture and Design

Use an abstraction library to abstract away risky APIs. Not a complete solution.

Mitigation
Architecture and Design Build and Compilation

Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.

No CAPEC attack patterns related to this CWE.