CWE-401
AllowedMissing Release of Memory after Effective Lifetime
Abstraction: Variant · Status: Draft
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
2002 vulnerabilities reference this CWE, most recent first.
GHSA-FH4Q-XRMP-HV9J
Vulnerability from github – Published: 2025-10-22 18:30 – Updated: 2025-10-22 18:30In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix anon_dev leak in create_subvol()
When btrfs_qgroup_inherit(), btrfs_alloc_tree_block, or btrfs_insert_root() fail in create_subvol(), we return without freeing anon_dev. Reorganize the error handling in create_subvol() to fix this.
{
"affected": [],
"aliases": [
"CVE-2022-49469"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-26T07:01:23Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix anon_dev leak in create_subvol()\n\nWhen btrfs_qgroup_inherit(), btrfs_alloc_tree_block, or\nbtrfs_insert_root() fail in create_subvol(), we return without freeing\nanon_dev. Reorganize the error handling in create_subvol() to fix this.",
"id": "GHSA-fh4q-xrmp-hv9j",
"modified": "2025-10-22T18:30:31Z",
"published": "2025-10-22T18:30:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49469"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2256e901f5bddc56e24089c96f27b77da932dfcc"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7a875ad8706f0903a0e812e0dd701956ee9826ff"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d887b3de318834f9aa637ecf79c6bc66cba7c69a"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FH6C-P6Q9-8M5F
Vulnerability from github – Published: 2025-01-10 21:31 – Updated: 2025-01-14 15:30On affected platforms running Arista EOS with SNMP configured, if “snmp-server transmit max-size” is configured, under some circumstances a specially crafted packet can cause the snmpd process to leak memory. This may result in the snmpd process being terminated (causing SNMP requests to time out until snmpd is restarted) and memory pressure for other processes on the switch. Increased memory pressure can cause processes other than snmpd to be at risk for unexpected termination as well.
{
"affected": [],
"aliases": [
"CVE-2024-7095"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-10T21:15:13Z",
"severity": "MODERATE"
},
"details": "On affected platforms running Arista EOS with SNMP configured, if \u201csnmp-server transmit max-size\u201d is configured, under some circumstances a specially crafted packet can cause the snmpd process to leak memory. This may result in the snmpd process being terminated (causing SNMP requests to time out until snmpd is restarted) and memory pressure for other processes on the switch. Increased memory pressure can cause processes other than snmpd to be at risk for unexpected termination as well.",
"id": "GHSA-fh6c-p6q9-8m5f",
"modified": "2025-01-14T15:30:51Z",
"published": "2025-01-10T21:31:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7095"
},
{
"type": "WEB",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20650-security-advisory-0107"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-FHRJ-R6WW-VQ67
Vulnerability from github – Published: 2026-07-11 15:30 – Updated: 2026-07-11 15:30ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the VIFF encoder when memory allocation fails. Attackers can trigger allocation failures by processing specially crafted VIFF images to exhaust available memory and cause denial of service.
{
"affected": [],
"aliases": [
"CVE-2026-61870"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-11T14:16:24Z",
"severity": "LOW"
},
"details": "ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the VIFF encoder when memory allocation fails. Attackers can trigger allocation failures by processing specially crafted VIFF images to exhaust available memory and cause denial of service.",
"id": "GHSA-fhrj-r6ww-vq67",
"modified": "2026-07-11T15:30:24Z",
"published": "2026-07-11T15:30:24Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-m596-67p7-69wh"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-61870"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/imagemagick-before-26-memory-leak-via-viff-encoder"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-FJ56-2H43-2HCW
Vulnerability from github – Published: 2025-09-15 15:31 – Updated: 2025-12-03 21:30In the Linux kernel, the following vulnerability has been resolved:
PNP: fix name memory leak in pnp_alloc_dev()
After commit 1fa5ae857bb1 ("driver core: get rid of struct device's bus_id string array"), the name of device is allocated dynamically, move dev_set_name() after pnp_add_id() to avoid memory leak.
{
"affected": [],
"aliases": [
"CVE-2022-50278"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-15T15:15:38Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nPNP: fix name memory leak in pnp_alloc_dev()\n\nAfter commit 1fa5ae857bb1 (\"driver core: get rid of struct device\u0027s\nbus_id string array\"), the name of device is allocated dynamically,\nmove dev_set_name() after pnp_add_id() to avoid memory leak.",
"id": "GHSA-fj56-2h43-2hcw",
"modified": "2025-12-03T21:30:59Z",
"published": "2025-09-15T15:31:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50278"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/110d7b0325c55ff3620073ba4201845f59e22ebf"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1f50c7497a5f89de0c31f2edf086af41ff834320"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/290dd73b943c95c006df973257076ff163adf4d0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/693a0c13c1f0c0fcaa1e38cb806cc0789bd415aa"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/81b024df4755e6bb6993b786584eca6eabbb9791"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/bbcf772216aa237036cc3ae3158288d0a95aaf4d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c12b314bb23dc0c83e03402cc84574700947e3b2"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/dac87e295cddc8ab316cff14ab2071b5221d84fa"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ea77b4b761cd75e5456f677311babfa0418f289a"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FJ7C-VG2V-CCRM
Vulnerability from github – Published: 2022-07-15 21:07 – Updated: 2022-09-08 14:21Buffer leak on incoming WebSocket PONG message(s) in Undertow before 2.0.40 and 2.2.10 can lead to memory exhaustion and allow a denial of service.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "io.undertow:undertow-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.0.40"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "io.undertow:undertow-core"
},
"ranges": [
{
"events": [
{
"introduced": "2.2.0"
},
{
"fixed": "2.2.10"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-3690"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-401"
],
"github_reviewed": true,
"github_reviewed_at": "2022-07-15T21:07:20Z",
"nvd_published_at": "2022-08-23T16:15:00Z",
"severity": "HIGH"
},
"details": "Buffer leak on incoming WebSocket PONG message(s) in Undertow before 2.0.40 and 2.2.10 can lead to memory exhaustion and allow a denial of service.",
"id": "GHSA-fj7c-vg2v-ccrm",
"modified": "2022-09-08T14:21:49Z",
"published": "2022-07-15T21:07:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3690"
},
{
"type": "WEB",
"url": "https://github.com/undertow-io/undertow/commit/c7e84a0b7efced38506d7d1dfea5902366973877"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2021-3690"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/cve-2021-3690#cve-cvss-v3"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1991299"
},
{
"type": "PACKAGE",
"url": "https://github.com/undertow-io/undertow"
},
{
"type": "WEB",
"url": "https://issues.redhat.com/browse/UNDERTOW-1935"
},
{
"type": "WEB",
"url": "https://www.mend.io/vulnerability-database/CVE-2021-3690"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Undertow vulnerable to memory exhaustion due to buffer leak"
}
GHSA-FJFJ-R96F-8HQW
Vulnerability from github – Published: 2025-01-31 12:33 – Updated: 2026-05-12 15:30In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix bpf_sk_select_reuseport() memory leak
As pointed out in the original comment, lookup in sockmap can return a TCP ESTABLISHED socket. Such TCP socket may have had SO_ATTACH_REUSEPORT_EBPF set before it was ESTABLISHED. In other words, a non-NULL sk_reuseport_cb does not imply a non-refcounted socket.
Drop sk's reference in both error paths.
unreferenced object 0xffff888101911800 (size 2048): comm "test_progs", pid 44109, jiffies 4297131437 hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 80 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace (crc 9336483b): __kmalloc_noprof+0x3bf/0x560 __reuseport_alloc+0x1d/0x40 reuseport_alloc+0xca/0x150 reuseport_attach_prog+0x87/0x140 sk_reuseport_attach_bpf+0xc8/0x100 sk_setsockopt+0x1181/0x1990 do_sock_setsockopt+0x12b/0x160 __sys_setsockopt+0x7b/0xc0 __x64_sys_setsockopt+0x1b/0x30 do_syscall_64+0x93/0x180 entry_SYSCALL_64_after_hwframe+0x76/0x7e
{
"affected": [],
"aliases": [
"CVE-2025-21683"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-31T12:15:29Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix bpf_sk_select_reuseport() memory leak\n\nAs pointed out in the original comment, lookup in sockmap can return a TCP\nESTABLISHED socket. Such TCP socket may have had SO_ATTACH_REUSEPORT_EBPF\nset before it was ESTABLISHED. In other words, a non-NULL sk_reuseport_cb\ndoes not imply a non-refcounted socket.\n\nDrop sk\u0027s reference in both error paths.\n\nunreferenced object 0xffff888101911800 (size 2048):\n comm \"test_progs\", pid 44109, jiffies 4297131437\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 80 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 9336483b):\n __kmalloc_noprof+0x3bf/0x560\n __reuseport_alloc+0x1d/0x40\n reuseport_alloc+0xca/0x150\n reuseport_attach_prog+0x87/0x140\n sk_reuseport_attach_bpf+0xc8/0x100\n sk_setsockopt+0x1181/0x1990\n do_sock_setsockopt+0x12b/0x160\n __sys_setsockopt+0x7b/0xc0\n __x64_sys_setsockopt+0x1b/0x30\n do_syscall_64+0x93/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"id": "GHSA-fjfj-r96f-8hqw",
"modified": "2026-05-12T15:30:45Z",
"published": "2025-01-31T12:33:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21683"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0ab52a8ca6e156a64c51b5e7456cac9a0ebfd9bf"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b02e70be498b138e9c21701c2f33f4018ca7cd5e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b3af60928ab9129befa65e6df0310d27300942bf"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/bb36838dac7bb334a3f3d7eb29875593ec9473fc"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cccd51dd22574216e64e5d205489e634f86999f3"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d0a3b3d1176d39218b8edb2a2d03164942ab9ccd"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FJJC-6JMX-XP69
Vulnerability from github – Published: 2022-10-19 19:00 – Updated: 2022-10-21 19:01An issue was discovered in Bento4 v1.6.0-639. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp, as demonstrated by mp42aac.
{
"affected": [],
"aliases": [
"CVE-2022-43032"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-10-19T14:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in Bento4 v1.6.0-639. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp, as demonstrated by mp42aac.",
"id": "GHSA-fjjc-6jmx-xp69",
"modified": "2022-10-21T19:01:16Z",
"published": "2022-10-19T19:00:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43032"
},
{
"type": "WEB",
"url": "https://github.com/axiomatic-systems/Bento4/issues/763"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FJQW-397C-PG22
Vulnerability from github – Published: 2024-07-16 12:30 – Updated: 2025-09-24 18:30In the Linux kernel, the following vulnerability has been resolved:
mtd: parsers: qcom: Fix missing free for pparts in cleanup
Mtdpart doesn't free pparts when a cleanup function is declared. Add missing free for pparts in cleanup function for smem to fix the leak.
{
"affected": [],
"aliases": [
"CVE-2022-48776"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-16T12:15:02Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: parsers: qcom: Fix missing free for pparts in cleanup\n\nMtdpart doesn\u0027t free pparts when a cleanup function is declared.\nAdd missing free for pparts in cleanup function for smem to fix the\nleak.",
"id": "GHSA-fjqw-397c-pg22",
"modified": "2025-09-24T18:30:23Z",
"published": "2024-07-16T12:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48776"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1b37889f9a151d26a3fb0d3870f6e1046dee2e24"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3dd8ba961b9356c4113b96541c752c73d98fef70"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3eb5185896a68373714dc7d0009111744adc3345"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FM5M-5CR7-5Q35
Vulnerability from github – Published: 2026-02-04 18:30 – Updated: 2026-03-18 18:31In the Linux kernel, the following vulnerability has been resolved:
l2tp: Fix memleak in l2tp_udp_encap_recv().
syzbot reported memleak of struct l2tp_session, l2tp_tunnel, sock, etc. [0]
The cited commit moved down the validation of the protocol version in l2tp_udp_encap_recv().
The new place requires an extra error handling to avoid the memleak.
Let's call l2tp_session_put() there.
[0]: BUG: memory leak unreferenced object 0xffff88810a290200 (size 512): comm "syz.0.17", pid 6086, jiffies 4294944299 hex dump (first 32 bytes): 7d eb 04 0c 00 00 00 00 01 00 00 00 00 00 00 00 }............... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace (crc babb6a4f): kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline] slab_post_alloc_hook mm/slub.c:4958 [inline] slab_alloc_node mm/slub.c:5263 [inline] __do_kmalloc_node mm/slub.c:5656 [inline] __kmalloc_noprof+0x3e0/0x660 mm/slub.c:5669 kmalloc_noprof include/linux/slab.h:961 [inline] kzalloc_noprof include/linux/slab.h:1094 [inline] l2tp_session_create+0x3a/0x3b0 net/l2tp/l2tp_core.c:1778 pppol2tp_connect+0x48b/0x920 net/l2tp/l2tp_ppp.c:755 __sys_connect_file+0x7a/0xb0 net/socket.c:2089 __sys_connect+0xde/0x110 net/socket.c:2108 __do_sys_connect net/socket.c:2114 [inline] __se_sys_connect net/socket.c:2111 [inline] __x64_sys_connect+0x1c/0x30 net/socket.c:2111 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xa4/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f
{
"affected": [],
"aliases": [
"CVE-2026-23072"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-04T17:16:17Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nl2tp: Fix memleak in l2tp_udp_encap_recv().\n\nsyzbot reported memleak of struct l2tp_session, l2tp_tunnel,\nsock, etc. [0]\n\nThe cited commit moved down the validation of the protocol\nversion in l2tp_udp_encap_recv().\n\nThe new place requires an extra error handling to avoid the\nmemleak.\n\nLet\u0027s call l2tp_session_put() there.\n\n[0]:\nBUG: memory leak\nunreferenced object 0xffff88810a290200 (size 512):\n comm \"syz.0.17\", pid 6086, jiffies 4294944299\n hex dump (first 32 bytes):\n 7d eb 04 0c 00 00 00 00 01 00 00 00 00 00 00 00 }...............\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc babb6a4f):\n kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]\n slab_post_alloc_hook mm/slub.c:4958 [inline]\n slab_alloc_node mm/slub.c:5263 [inline]\n __do_kmalloc_node mm/slub.c:5656 [inline]\n __kmalloc_noprof+0x3e0/0x660 mm/slub.c:5669\n kmalloc_noprof include/linux/slab.h:961 [inline]\n kzalloc_noprof include/linux/slab.h:1094 [inline]\n l2tp_session_create+0x3a/0x3b0 net/l2tp/l2tp_core.c:1778\n pppol2tp_connect+0x48b/0x920 net/l2tp/l2tp_ppp.c:755\n __sys_connect_file+0x7a/0xb0 net/socket.c:2089\n __sys_connect+0xde/0x110 net/socket.c:2108\n __do_sys_connect net/socket.c:2114 [inline]\n __se_sys_connect net/socket.c:2111 [inline]\n __x64_sys_connect+0x1c/0x30 net/socket.c:2111\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xa4/0xf80 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"id": "GHSA-fm5m-5cr7-5q35",
"modified": "2026-03-18T18:31:11Z",
"published": "2026-02-04T18:30:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23072"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4d10edfd1475b69dbd4c47f34b61a3772ece83ca"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5cd158a88eef34e7b100cd9b963873d3b4e41b35"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d4ce79e6dce2a4a49eebceea7b4caf5dc0f0ef3d"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FM8F-3J2C-52XR
Vulnerability from github – Published: 2022-05-13 01:35 – Updated: 2025-10-22 00:31A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf22394.
{
"affected": [],
"aliases": [
"CVE-2018-0158"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-401",
"CWE-772"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-03-28T22:29:00Z",
"severity": "HIGH"
},
"details": "A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf22394.",
"id": "GHSA-fm8f-3j2c-52xr",
"modified": "2025-10-22T00:31:30Z",
"published": "2022-05-13T01:35:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0158"
},
{
"type": "WEB",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03"
},
{
"type": "WEB",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ike"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-0158"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/103566"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1040595"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-41
Strategy: Libraries or Frameworks
- Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
- For example, glibc in Linux provides protection against free of invalid pointers.
- When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
- To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Use an abstraction library to abstract away risky APIs. Not a complete solution.
Mitigation
Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.
No CAPEC attack patterns related to this CWE.