CWE-401
AllowedMissing Release of Memory after Effective Lifetime
Abstraction: Variant · Status: Draft
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
2002 vulnerabilities reference this CWE, most recent first.
GHSA-FQ4X-X6F2-9Q95
Vulnerability from github – Published: 2024-02-28 09:30 – Updated: 2024-12-09 18:31In the Linux kernel, the following vulnerability has been resolved:
KEYS: trusted: Fix memory leak on object td
Two error return paths are neglecting to free allocated object td, causing a memory leak. Fix this by returning via the error return path that securely kfree's td.
Fixes clang scan-build warning: security/keys/trusted-keys/trusted_tpm1.c:496:10: warning: Potential memory leak [unix.Malloc]
{
"affected": [],
"aliases": [
"CVE-2021-47009"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-28T09:15:38Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nKEYS: trusted: Fix memory leak on object td\n\nTwo error return paths are neglecting to free allocated object td,\ncausing a memory leak. Fix this by returning via the error return\npath that securely kfree\u0027s td.\n\nFixes clang scan-build warning:\nsecurity/keys/trusted-keys/trusted_tpm1.c:496:10: warning: Potential\nmemory leak [unix.Malloc]",
"id": "GHSA-fq4x-x6f2-9q95",
"modified": "2024-12-09T18:31:18Z",
"published": "2024-02-28T09:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47009"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1c4031014106aff48e1e686e40101c31eab5d44c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/31c9a4b24d86cbb36ff0d7a085725a3b4f0138c8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3e24fbd37e72e8a67b74991970fecc82d14f57af"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/83a775d5f9bfda95b1c295f95a3a041a40c7f321"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FQ6P-6334-8GR4
Vulnerability from github – Published: 2022-02-09 23:26 – Updated: 2024-11-07 22:28Impact
When decoding PNG images TensorFlow can produce a memory leak if the image is invalid.
After calling png::CommonInitDecode(..., &decode), the decode value contains allocated buffers which can only be freed by calling png::CommonFreeDecode(&decode). However, several error case in the function implementation invoke the OP_REQUIRES macro which immediately terminates the execution of the function, without allowing for the memory free to occur.
Patches
We have patched the issue in GitHub commit ab51e5b813573dc9f51efa335aebcf2994125ee9.
The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.5.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.6.0"
},
{
"fixed": "2.6.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.7.0"
},
{
"fixed": "2.7.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.7.0"
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.5.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.6.0"
},
{
"fixed": "2.6.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.7.0"
},
{
"fixed": "2.7.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.7.0"
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.5.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.6.0"
},
{
"fixed": "2.6.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.7.0"
},
{
"fixed": "2.7.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.7.0"
]
}
],
"aliases": [
"CVE-2022-23585"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": true,
"github_reviewed_at": "2022-02-04T19:09:09Z",
"nvd_published_at": "2022-02-04T23:15:00Z",
"severity": "MODERATE"
},
"details": "### Impact\nWhen [decoding PNG images](https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/kernels/image/decode_image_op.cc#L322-L416) TensorFlow can produce a memory leak if the image is invalid.\nAfter calling `png::CommonInitDecode(..., \u0026decode)`, the `decode` value contains allocated buffers which can only be freed by calling `png::CommonFreeDecode(\u0026decode)`. However, several error case in the function implementation invoke the `OP_REQUIRES` macro which immediately terminates the execution of the function, without allowing for the memory free to occur.\n \n### Patches \nWe have patched the issue in GitHub commit [ab51e5b813573dc9f51efa335aebcf2994125ee9](https://github.com/tensorflow/tensorflow/commit/ab51e5b813573dc9f51efa335aebcf2994125ee9).\n\nThe fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.",
"id": "GHSA-fq6p-6334-8gr4",
"modified": "2024-11-07T22:28:59Z",
"published": "2022-02-09T23:26:08Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fq6p-6334-8gr4"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23585"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/commit/ab51e5b813573dc9f51efa335aebcf2994125ee9"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-94.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-149.yaml"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/kernels/image/decode_image_op.cc#L322-L416"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
],
"summary": "Memory leak in decoding PNG images"
}
GHSA-FQJW-RGV6-J77Q
Vulnerability from github – Published: 2022-05-24 17:43 – Updated: 2022-05-24 17:43A ZTE product has a memory leak vulnerability. Due to the product's improper handling of memory release in certain scenarios, a local attacker with device permissions repeatedly attenuated the optical signal to cause memory leak and abnormal service. This affects: ZXR10 8900E, all versions up to V3.03.20R2B30P1.
{
"affected": [],
"aliases": [
"CVE-2021-21724"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-02-26T03:15:00Z",
"severity": "MODERATE"
},
"details": "A ZTE product has a memory leak vulnerability. Due to the product\u0027s improper handling of memory release in certain scenarios, a local attacker with device permissions repeatedly attenuated the optical signal to cause memory leak and abnormal service. This affects: ZXR10 8900E, all versions up to V3.03.20R2B30P1.",
"id": "GHSA-fqjw-rgv6-j77q",
"modified": "2022-05-24T17:43:11Z",
"published": "2022-05-24T17:43:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21724"
},
{
"type": "WEB",
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014584"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-FQMF-FV5C-GPV2
Vulnerability from github – Published: 2022-05-24 17:45 – Updated: 2022-05-24 17:45A flaw was found in Privoxy in versions before 3.0.29. Memory leaks when a response is buffered and the buffer limit is reached or Privoxy is running out of memory can lead to a system crash.
{
"affected": [],
"aliases": [
"CVE-2020-35502"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-03-25T19:15:00Z",
"severity": "HIGH"
},
"details": "A flaw was found in Privoxy in versions before 3.0.29. Memory leaks when a response is buffered and the buffer limit is reached or Privoxy is running out of memory can lead to a system crash.",
"id": "GHSA-fqmf-fv5c-gpv2",
"modified": "2022-05-24T17:45:20Z",
"published": "2022-05-24T17:45:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35502"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928749"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202107-16"
},
{
"type": "WEB",
"url": "https://www.privoxy.org/3.0.29/user-manual/whatsnew.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-FQVX-XPV6-VJ7W
Vulnerability from github – Published: 2025-05-02 18:31 – Updated: 2025-11-10 18:30In the Linux kernel, the following vulnerability has been resolved:
scsi: mpi3mr: Fix expander node leak in mpi3mr_remove()
Add a missing resource clean up in .remove.
{
"affected": [],
"aliases": [
"CVE-2023-53127"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-02T16:15:31Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpi3mr: Fix expander node leak in mpi3mr_remove()\n\nAdd a missing resource clean up in .remove.",
"id": "GHSA-fqvx-xpv6-vj7w",
"modified": "2025-11-10T18:30:30Z",
"published": "2025-05-02T18:31:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53127"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0023972a7593720f8878aed06c03ac9e541078be"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ce756daa36e1ba271bb3334267295e447aa57a5c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cf9777be5683c5e55680c089df02ee27d2226aa8"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FR44-546P-7XCP
Vulnerability from github – Published: 2023-10-10 22:23 – Updated: 2024-06-03 18:31Impact
The MsQuic server will continue to leak memory until no more is available, resulting in a denial of service.
Patches
The following patch was made:
- Fix Memory Leak from Multiple Decodes of TP - https://github.com/microsoft/msquic/commit/d364feeda0dd8b729eca6fef149c1ef98630f0cb
Workarounds
Beyond upgrading to the patched versions, there is no other workaround.
{
"affected": [
{
"package": {
"ecosystem": "NuGet",
"name": "Microsoft.Native.Quic.MsQuic.OpenSSL"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.2.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Microsoft.Native.Quic.MsQuic.Schannel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.2.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-36435"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-401"
],
"github_reviewed": true,
"github_reviewed_at": "2023-10-10T22:23:28Z",
"nvd_published_at": "2023-10-10T18:15:12Z",
"severity": "HIGH"
},
"details": "### Impact\nThe MsQuic server will continue to leak memory until no more is available, resulting in a denial of service.\n\n### Patches\nThe following patch was made:\n\n- Fix Memory Leak from Multiple Decodes of TP - https://github.com/microsoft/msquic/commit/d364feeda0dd8b729eca6fef149c1ef98630f0cb\n\n### Workarounds\nBeyond upgrading to the patched versions, there is no other workaround.\n",
"id": "GHSA-fr44-546p-7xcp",
"modified": "2024-06-03T18:31:15Z",
"published": "2023-10-10T22:23:28Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/microsoft/msquic/security/advisories/GHSA-fr44-546p-7xcp"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36435"
},
{
"type": "WEB",
"url": "https://github.com/microsoft/msquic/commit/d364feeda0dd8b729eca6fef149c1ef98630f0cb"
},
{
"type": "PACKAGE",
"url": "https://github.com/microsoft/msquic"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36435"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "MsQuic Remote Denial of Service Vulnerability"
}
GHSA-FRGF-8JR5-J2JV
Vulnerability from github – Published: 2023-10-30 21:33 – Updated: 2026-06-08 23:16A memory leak flaw was found in ruby-magick, an interface between Ruby and ImageMagick. This issue can lead to a denial of service (DOS) by memory exhaustion.
{
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "rmagick"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.3.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-5349"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-401"
],
"github_reviewed": true,
"github_reviewed_at": "2023-10-31T19:41:15Z",
"nvd_published_at": "2023-10-30T21:15:07Z",
"severity": "MODERATE"
},
"details": "A memory leak flaw was found in ruby-magick, an interface between Ruby and ImageMagick. This issue can lead to a denial of service (DOS) by memory exhaustion.",
"id": "GHSA-frgf-8jr5-j2jv",
"modified": "2026-06-08T23:16:29Z",
"published": "2023-10-30T21:33:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5349"
},
{
"type": "WEB",
"url": "https://github.com/rmagick/rmagick/issues/1401"
},
{
"type": "WEB",
"url": "https://github.com/rmagick/rmagick/pull/1406"
},
{
"type": "WEB",
"url": "https://github.com/rmagick/rmagick/commit/02f37ca0d6c2b8fff316e0668efa690f5c90a429"
},
{
"type": "WEB",
"url": "https://github.com/rmagick/rmagick/commit/fec7a7e639ae565386f7615155dbcf49b957b64a"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2023-5349"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247064"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-frgf-8jr5-j2jv"
},
{
"type": "PACKAGE",
"url": "https://github.com/rmagick/rmagick"
},
{
"type": "WEB",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rmagick/CVE-2023-5349.yml"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00030.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2026/01/msg00003.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S3XMQ2KWPYGT447EKPENGXXHKAQ5NUWF"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
],
"summary": "memory leak flaw was found in ruby-magick"
}
GHSA-FRJ7-889M-PJX6
Vulnerability from github – Published: 2022-05-24 16:49 – Updated: 2023-02-23 15:33ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.
{
"affected": [],
"aliases": [
"CVE-2019-13301"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-07-05T01:15:00Z",
"severity": "MODERATE"
},
"details": "ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.",
"id": "GHSA-frj7-889m-pjx6",
"modified": "2023-02-23T15:33:05Z",
"published": "2022-05-24T16:49:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13301"
},
{
"type": "WEB",
"url": "https://github.com/ImageMagick/ImageMagick/issues/1585"
},
{
"type": "WEB",
"url": "https://github.com/ImageMagick/ImageMagick/issues/1589"
},
{
"type": "WEB",
"url": "https://github.com/ImageMagick/ImageMagick/commit/f595a1985233c399a05c0c37cc41de16a90dd025"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4192-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2020/dsa-4712"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FV3V-376J-HCPX
Vulnerability from github – Published: 2025-10-01 12:30 – Updated: 2026-01-16 21:30In the Linux kernel, the following vulnerability has been resolved:
staging: rtl8723bs: fix potential memory leak in rtw_init_drv_sw()
In rtw_init_drv_sw(), there are various init functions are called to populate the padapter structure and some checks for their return value. However, except for the first one error path, the other five error paths do not properly release the previous allocated resources, which leads to various memory leaks.
This patch fixes them and keeps the success and error separate.
Note that these changes keep the form of rtw_init_drv_sw() in
"drivers/staging/r8188eu/os_dep/os_intfs.c". As there is no proper device
to test with, no runtime testing was performed.
{
"affected": [],
"aliases": [
"CVE-2022-50469"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-01T12:15:40Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8723bs: fix potential memory leak in rtw_init_drv_sw()\n\nIn rtw_init_drv_sw(), there are various init functions are called to\npopulate the padapter structure and some checks for their return value.\nHowever, except for the first one error path, the other five error paths\ndo not properly release the previous allocated resources, which leads to\nvarious memory leaks.\n\nThis patch fixes them and keeps the success and error separate.\nNote that these changes keep the form of `rtw_init_drv_sw()` in\n\"drivers/staging/r8188eu/os_dep/os_intfs.c\". As there is no proper device\nto test with, no runtime testing was performed.",
"id": "GHSA-fv3v-376j-hcpx",
"modified": "2026-01-16T21:30:29Z",
"published": "2025-10-01T12:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50469"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5a5aa9cce621e2c0e25a1e5d72d6be1749167cc0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6b2052b365f8035ab7f09ac24b5b499002b298cb"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b4573a2bad3c3e2643ef3939079eb7035a30e6ee"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d95d1526d9f06978c1a7186810a5490d72c62742"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FV6M-6723-V88J
Vulnerability from github – Published: 2025-09-15 15:31 – Updated: 2025-12-03 21:30In the Linux kernel, the following vulnerability has been resolved:
media: airspy: fix memory leak in airspy probe
The commit ca9dc8d06ab6 ("media: airspy: respect the DMA coherency rules") moves variable buf from stack to heap, however, it only frees buf in the error handling code, missing deallocation in the success path.
Fix this by freeing buf in the success path since this variable does not have any references in other code.
{
"affected": [],
"aliases": [
"CVE-2022-50326"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-15T15:15:44Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: airspy: fix memory leak in airspy probe\n\nThe commit ca9dc8d06ab6 (\"media: airspy: respect the DMA coherency\n rules\") moves variable buf from stack to heap, however, it only frees\nbuf in the error handling code, missing deallocation in the success\npath.\n\nFix this by freeing buf in the success path since this variable does not\nhave any references in other code.",
"id": "GHSA-fv6m-6723-v88j",
"modified": "2025-12-03T21:30:59Z",
"published": "2025-09-15T15:31:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50326"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/23bc5eb55f8c9607965c20d9ddcc13cb1ae59568"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f4285dd02b6b2ca3435b65fb62c053dd9408fd71"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-41
Strategy: Libraries or Frameworks
- Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
- For example, glibc in Linux provides protection against free of invalid pointers.
- When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
- To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Use an abstraction library to abstract away risky APIs. Not a complete solution.
Mitigation
Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.
No CAPEC attack patterns related to this CWE.