CWE-401
AllowedMissing Release of Memory after Effective Lifetime
Abstraction: Variant · Status: Draft
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
2002 vulnerabilities reference this CWE, most recent first.
GHSA-H3JC-6RCX-XCC3
Vulnerability from github – Published: 2026-05-06 12:30 – Updated: 2026-05-11 21:31In the Linux kernel, the following vulnerability has been resolved:
media: i2c/tw9903: Fix potential memory leak in tw9903_probe()
In one of the error paths in tw9903_probe(), the memory allocated in v4l2_ctrl_handler_init() and v4l2_ctrl_new_std() is not freed. Fix that by calling v4l2_ctrl_handler_free() on the handler in that error path.
{
"affected": [],
"aliases": [
"CVE-2026-43218"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-06T12:16:41Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: i2c/tw9903: Fix potential memory leak in tw9903_probe()\n\nIn one of the error paths in tw9903_probe(), the memory allocated in\nv4l2_ctrl_handler_init() and v4l2_ctrl_new_std() is not freed. Fix that\nby calling v4l2_ctrl_handler_free() on the handler in that error path.",
"id": "GHSA-h3jc-6rcx-xcc3",
"modified": "2026-05-11T21:31:31Z",
"published": "2026-05-06T12:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43218"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/32f0493506313775d3bd448de34762b6538da6bd"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/92537a15780b6d0281fd8286f93fbc3652e35f48"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9cb9eca33d20316ed3c7a938793b8735ac3e128b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9cea16fea47e5553f51d10957677ff735b1eff03"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a114918270f0d95c607d69b03a244e6afe54813f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/add02a3fb1fd71b004f0ed824cbac00f850de558"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cc7aeed33e4f55c76f35f0fca73e4dfe12a63a3a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e54aa17c968c4de2c5f7b7ea390c63d33c07513b"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-H3P8-5P88-3QF2
Vulnerability from github – Published: 2026-01-23 15:31 – Updated: 2026-02-26 21:31In the Linux kernel, the following vulnerability has been resolved:
KEYS: trusted: Fix a memory leak in tpm2_load_cmd
'tpm2_load_cmd' allocates a tempoary blob indirectly via 'tpm2_key_decode' but it is not freed in the failure paths. Address this by wrapping the blob into with a cleanup helper.
{
"affected": [],
"aliases": [
"CVE-2025-71147"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-23T15:16:05Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nKEYS: trusted: Fix a memory leak in tpm2_load_cmd\n\n\u0027tpm2_load_cmd\u0027 allocates a tempoary blob indirectly via \u0027tpm2_key_decode\u0027\nbut it is not freed in the failure paths. Address this by wrapping the blob\ninto with a cleanup helper.",
"id": "GHSA-h3p8-5p88-3qf2",
"modified": "2026-02-26T21:31:26Z",
"published": "2026-01-23T15:31:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-71147"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/19166de9737218b77122c41a5730ac87025e089f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3fd7df4636d8fd5e3592371967a5941204368936"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/62cd5d480b9762ce70d720a81fa5b373052ae05f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9b015f2918b95bdde2ca9cefa10ef02b138aae1e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9e7c63c69f57b1db1a8a1542359a6167ff8fcef1"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/af0689cafb127a8d1af78cc8b72585c9b2a19ecd"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-H3V5-36CC-XMC7
Vulnerability from github – Published: 2024-12-02 15:31 – Updated: 2025-11-03 21:31In the Linux kernel, the following vulnerability has been resolved:
mm: page_alloc: move mlocked flag clearance into free_pages_prepare()
Syzbot reported a bad page state problem caused by a page being freed using free_page() still having a mlocked flag at free_pages_prepare() stage:
BUG: Bad page state in process syz.5.504 pfn:61f45 page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x61f45 flags: 0xfff00000080204(referenced|workingset|mlocked|node=0|zone=1|lastcpupid=0x7ff) raw: 00fff00000080204 0000000000000000 dead000000000122 0000000000000000 raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set page_owner tracks the page as allocated page last allocated via order 0, migratetype Unmovable, gfp_mask 0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), pid 8443, tgid 8442 (syz.5.504), ts 201884660643, free_ts 201499827394 set_page_owner include/linux/page_owner.h:32 [inline] post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1537 prep_new_page mm/page_alloc.c:1545 [inline] get_page_from_freelist+0x303f/0x3190 mm/page_alloc.c:3457 __alloc_pages_noprof+0x292/0x710 mm/page_alloc.c:4733 alloc_pages_mpol_noprof+0x3e8/0x680 mm/mempolicy.c:2265 kvm_coalesced_mmio_init+0x1f/0xf0 virt/kvm/coalesced_mmio.c:99 kvm_create_vm virt/kvm/kvm_main.c:1235 [inline] kvm_dev_ioctl_create_vm virt/kvm/kvm_main.c:5488 [inline] kvm_dev_ioctl+0x12dc/0x2240 virt/kvm/kvm_main.c:5530 __do_compat_sys_ioctl fs/ioctl.c:1007 [inline] __se_compat_sys_ioctl+0x510/0xc90 fs/ioctl.c:950 do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline] __do_fast_syscall_32+0xb4/0x110 arch/x86/entry/common.c:386 do_fast_syscall_32+0x34/0x80 arch/x86/entry/common.c:411 entry_SYSENTER_compat_after_hwframe+0x84/0x8e page last free pid 8399 tgid 8399 stack trace: reset_page_owner include/linux/page_owner.h:25 [inline] free_pages_prepare mm/page_alloc.c:1108 [inline] free_unref_folios+0xf12/0x18d0 mm/page_alloc.c:2686 folios_put_refs+0x76c/0x860 mm/swap.c:1007 free_pages_and_swap_cache+0x5c8/0x690 mm/swap_state.c:335 __tlb_batch_free_encoded_pages mm/mmu_gather.c:136 [inline] tlb_batch_pages_flush mm/mmu_gather.c:149 [inline] tlb_flush_mmu_free mm/mmu_gather.c:366 [inline] tlb_flush_mmu+0x3a3/0x680 mm/mmu_gather.c:373 tlb_finish_mmu+0xd4/0x200 mm/mmu_gather.c:465 exit_mmap+0x496/0xc40 mm/mmap.c:1926 __mmput+0x115/0x390 kernel/fork.c:1348 exit_mm+0x220/0x310 kernel/exit.c:571 do_exit+0x9b2/0x28e0 kernel/exit.c:926 do_group_exit+0x207/0x2c0 kernel/exit.c:1088 __do_sys_exit_group kernel/exit.c:1099 [inline] __se_sys_exit_group kernel/exit.c:1097 [inline] __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1097 x64_sys_call+0x2634/0x2640 arch/x86/include/generated/asm/syscalls_64.h:232 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Modules linked in: CPU: 0 UID: 0 PID: 8442 Comm: syz.5.504 Not tainted 6.12.0-rc6-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 bad_page+0x176/0x1d0 mm/page_alloc.c:501 free_page_is_bad mm/page_alloc.c:918 [inline] free_pages_prepare mm/page_alloc.c:1100 [inline] free_unref_page+0xed0/0xf20 mm/page_alloc.c:2638 kvm_destroy_vm virt/kvm/kvm_main.c:1327 [inline] kvm_put_kvm+0xc75/0x1350 virt/kvm/kvm_main.c:1386 kvm_vcpu_release+0x54/0x60 virt/kvm/kvm_main.c:4143 __fput+0x23f/0x880 fs/file_table.c:431 task_work_run+0x24f/0x310 kernel/task_work.c:239 exit_task_work include/linux/task_work.h:43 [inline] do_exit+0xa2f/0x28e0 kernel/exit.c:939 do_group_exit+0x207/0x2c0 kernel/exit.c:1088 __do_sys_exit_group kernel/exit.c:1099 [in ---truncated---
{
"affected": [],
"aliases": [
"CVE-2024-53105"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-02T14:15:11Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: page_alloc: move mlocked flag clearance into free_pages_prepare()\n\nSyzbot reported a bad page state problem caused by a page being freed\nusing free_page() still having a mlocked flag at free_pages_prepare()\nstage:\n\n BUG: Bad page state in process syz.5.504 pfn:61f45\n page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x61f45\n flags: 0xfff00000080204(referenced|workingset|mlocked|node=0|zone=1|lastcpupid=0x7ff)\n raw: 00fff00000080204 0000000000000000 dead000000000122 0000000000000000\n raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000\n page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set\n page_owner tracks the page as allocated\n page last allocated via order 0, migratetype Unmovable, gfp_mask 0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), pid 8443, tgid 8442 (syz.5.504), ts 201884660643, free_ts 201499827394\n set_page_owner include/linux/page_owner.h:32 [inline]\n post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1537\n prep_new_page mm/page_alloc.c:1545 [inline]\n get_page_from_freelist+0x303f/0x3190 mm/page_alloc.c:3457\n __alloc_pages_noprof+0x292/0x710 mm/page_alloc.c:4733\n alloc_pages_mpol_noprof+0x3e8/0x680 mm/mempolicy.c:2265\n kvm_coalesced_mmio_init+0x1f/0xf0 virt/kvm/coalesced_mmio.c:99\n kvm_create_vm virt/kvm/kvm_main.c:1235 [inline]\n kvm_dev_ioctl_create_vm virt/kvm/kvm_main.c:5488 [inline]\n kvm_dev_ioctl+0x12dc/0x2240 virt/kvm/kvm_main.c:5530\n __do_compat_sys_ioctl fs/ioctl.c:1007 [inline]\n __se_compat_sys_ioctl+0x510/0xc90 fs/ioctl.c:950\n do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline]\n __do_fast_syscall_32+0xb4/0x110 arch/x86/entry/common.c:386\n do_fast_syscall_32+0x34/0x80 arch/x86/entry/common.c:411\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n page last free pid 8399 tgid 8399 stack trace:\n reset_page_owner include/linux/page_owner.h:25 [inline]\n free_pages_prepare mm/page_alloc.c:1108 [inline]\n free_unref_folios+0xf12/0x18d0 mm/page_alloc.c:2686\n folios_put_refs+0x76c/0x860 mm/swap.c:1007\n free_pages_and_swap_cache+0x5c8/0x690 mm/swap_state.c:335\n __tlb_batch_free_encoded_pages mm/mmu_gather.c:136 [inline]\n tlb_batch_pages_flush mm/mmu_gather.c:149 [inline]\n tlb_flush_mmu_free mm/mmu_gather.c:366 [inline]\n tlb_flush_mmu+0x3a3/0x680 mm/mmu_gather.c:373\n tlb_finish_mmu+0xd4/0x200 mm/mmu_gather.c:465\n exit_mmap+0x496/0xc40 mm/mmap.c:1926\n __mmput+0x115/0x390 kernel/fork.c:1348\n exit_mm+0x220/0x310 kernel/exit.c:571\n do_exit+0x9b2/0x28e0 kernel/exit.c:926\n do_group_exit+0x207/0x2c0 kernel/exit.c:1088\n __do_sys_exit_group kernel/exit.c:1099 [inline]\n __se_sys_exit_group kernel/exit.c:1097 [inline]\n __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1097\n x64_sys_call+0x2634/0x2640 arch/x86/include/generated/asm/syscalls_64.h:232\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n Modules linked in:\n CPU: 0 UID: 0 PID: 8442 Comm: syz.5.504 Not tainted 6.12.0-rc6-syzkaller #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n bad_page+0x176/0x1d0 mm/page_alloc.c:501\n free_page_is_bad mm/page_alloc.c:918 [inline]\n free_pages_prepare mm/page_alloc.c:1100 [inline]\n free_unref_page+0xed0/0xf20 mm/page_alloc.c:2638\n kvm_destroy_vm virt/kvm/kvm_main.c:1327 [inline]\n kvm_put_kvm+0xc75/0x1350 virt/kvm/kvm_main.c:1386\n kvm_vcpu_release+0x54/0x60 virt/kvm/kvm_main.c:4143\n __fput+0x23f/0x880 fs/file_table.c:431\n task_work_run+0x24f/0x310 kernel/task_work.c:239\n exit_task_work include/linux/task_work.h:43 [inline]\n do_exit+0xa2f/0x28e0 kernel/exit.c:939\n do_group_exit+0x207/0x2c0 kernel/exit.c:1088\n __do_sys_exit_group kernel/exit.c:1099 [in\n---truncated---",
"id": "GHSA-h3v5-36cc-xmc7",
"modified": "2025-11-03T21:31:39Z",
"published": "2024-12-02T15:31:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53105"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2521664c1fc0fcea825ef0b4d8e2dfb622bc0f9a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/66edc3a5894c74f8887c8af23b97593a0dd0df4d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7873d11911cd1d21e25c354eb130d8c3b5cb3ca5"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/81ad32b87eb91b627a4b0d8760434e5fac4b993a"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-H3XV-G92M-M7CV
Vulnerability from github – Published: 2026-02-14 18:30 – Updated: 2026-03-18 15:30In the Linux kernel, the following vulnerability has been resolved:
drm/imx/tve: fix probe device leak
Make sure to drop the reference taken to the DDC device during probe on probe failure (e.g. probe deferral) and on driver unbind.
{
"affected": [],
"aliases": [
"CVE-2026-23170"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-14T16:15:57Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/imx/tve: fix probe device leak\n\nMake sure to drop the reference taken to the DDC device during probe on\nprobe failure (e.g. probe deferral) and on driver unbind.",
"id": "GHSA-h3xv-g92m-m7cv",
"modified": "2026-03-18T15:30:40Z",
"published": "2026-02-14T18:30:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23170"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4aaff8f6ab38f81e00ab8aa1fcfb7eb20cd87ba1"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/52755c5680ce333b33d0750a200fbc99420ed2b2"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/77365382585b40559d63538d09e26e4b2af28fbc"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9a15d3fdc22d48f597792aee0cf1bf0947fc62e6"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ca68745e820ecd210e3ab018497c9e6b69025c4b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e535c23513c63f02f67e3e09e0787907029efeaf"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f212652982c6725986cfa42fbf10d1dfa92c010e"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-H43W-G7P8-4G9G
Vulnerability from github – Published: 2026-05-08 15:31 – Updated: 2026-05-15 15:30In the Linux kernel, the following vulnerability has been resolved:
net: mctp: fix device leak on probe failure
Driver core holds a reference to the USB interface and its parent USB device while the interface is bound to a driver and there is no need to take additional references unless the structures are needed after disconnect.
This driver takes a reference to the USB device during probe but does not to release it on probe failures.
Drop the redundant device reference to fix the leak, reduce cargo culting, make it easier to spot drivers where an extra reference is needed, and reduce the risk of further memory leaks.
{
"affected": [],
"aliases": [
"CVE-2026-43375"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-08T15:16:48Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: fix device leak on probe failure\n\nDriver core holds a reference to the USB interface and its parent USB\ndevice while the interface is bound to a driver and there is no need to\ntake additional references unless the structures are needed after\ndisconnect.\n\nThis driver takes a reference to the USB device during probe but does\nnot to release it on probe failures.\n\nDrop the redundant device reference to fix the leak, reduce cargo\nculting, make it easier to spot drivers where an extra reference is\nneeded, and reduce the risk of further memory leaks.",
"id": "GHSA-h43w-g7p8-4g9g",
"modified": "2026-05-15T15:30:34Z",
"published": "2026-05-08T15:31:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43375"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/224a0d284c3caf1951302d1744a714784febed71"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3224990fb16a831aabc50b67c74f5d0074ce80dd"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ec9538f9b5cd1db5e8c612aa636b6119b6355c5d"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-H445-49J7-8JW7
Vulnerability from github – Published: 2024-04-28 15:30 – Updated: 2025-01-07 18:30In the Linux kernel, the following vulnerability has been resolved:
netfilter: ebtables: fix memory leak when blob is malformed
The bug fix was incomplete, it "replaced" crash with a memory leak. The old code had an assignment to "ret" embedded into the conditional, restore this.
{
"affected": [],
"aliases": [
"CVE-2022-48641"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-28T13:15:06Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ebtables: fix memory leak when blob is malformed\n\nThe bug fix was incomplete, it \"replaced\" crash with a memory leak.\nThe old code had an assignment to \"ret\" embedded into the conditional,\nrestore this.",
"id": "GHSA-h445-49j7-8jw7",
"modified": "2025-01-07T18:30:42Z",
"published": "2024-04-28T15:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48641"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/11ebf32fde46572b0aaf3c2bdd97d923ef5a03ab"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1e98318af2f163eadaff815abcef38d27ca92c1e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/38cf372b17f0a5f35c1b716a100532d539f0eb33"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/62ce44c4fff947eebdf10bb582267e686e6835c9"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/754e8b74281dd54a324698803483f47cf3355ae1"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d5917b7af7cae0e2804f9d127a03268035098b7f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ebd97dbe3c55d68346b9c5fb00634a7f5b10bbee"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-H46P-WF26-6WCW
Vulnerability from github – Published: 2022-05-24 17:01 – Updated: 2022-11-08 12:00A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.
{
"affected": [],
"aliases": [
"CVE-2019-19060"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-11-18T06:15:00Z",
"severity": "HIGH"
},
"details": "A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.",
"id": "GHSA-h46p-wf26-6wcw",
"modified": "2022-11-08T12:00:23Z",
"published": "2022-05-24T17:01:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19060"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/ab612b1daf415b62c58e130cb3d0f30b255a14d0"
},
{
"type": "WEB",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20191205-0001"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4208-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4210-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4226-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4364-1"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-H486-XVMM-2JHG
Vulnerability from github – Published: 2022-05-24 19:08 – Updated: 2022-05-24 19:08The fUSBHub driver in the PCoIP Software Client prior to version 21.07.0 had an error in object management during the handling of a variety of IOCTLs, which allowed an attacker to cause a denial of service.
{
"affected": [],
"aliases": [
"CVE-2021-25701"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-07-21T15:15:00Z",
"severity": "MODERATE"
},
"details": "The fUSBHub driver in the PCoIP Software Client prior to version 21.07.0 had an error in object management during the handling of a variety of IOCTLs, which allowed an attacker to cause a denial of service.",
"id": "GHSA-h486-xvmm-2jhg",
"modified": "2022-05-24T19:08:46Z",
"published": "2022-05-24T19:08:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25701"
},
{
"type": "WEB",
"url": "https://advisory.teradici.com/security-advisories/103"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-H4CF-6CP4-Q2CW
Vulnerability from github – Published: 2025-09-18 15:30 – Updated: 2025-12-11 15:30In the Linux kernel, the following vulnerability has been resolved:
USB: sl811: fix memory leak with using debugfs_lookup()
When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfs_lookup_and_remove() instead which handles all of the logic at once.
{
"affected": [],
"aliases": [
"CVE-2023-53417"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-18T14:15:45Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: sl811: fix memory leak with using debugfs_lookup()\n\nWhen calling debugfs_lookup() the result must have dput() called on it,\notherwise the memory will leak over time. To make things simpler, just\ncall debugfs_lookup_and_remove() instead which handles all of the logic\nat once.",
"id": "GHSA-h4cf-6cp4-q2cw",
"modified": "2025-12-11T15:30:30Z",
"published": "2025-09-18T15:30:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53417"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/04fdfec7b0286972cb5457ef958c92585447a39f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/54166af8941d0cf46b65cfa2fbce76e38d82fadf"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/bb4d5eefb67095d7c3b70b08498b23b7f2895f76"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e1523c4dbc54e164638ff8729d511cf91e27be04"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-H4GM-C37Q-GJJR
Vulnerability from github – Published: 2025-09-16 15:32 – Updated: 2025-12-02 21:31In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: HWS, Fix memory leak in hws_pool_buddy_init error path
In the error path of hws_pool_buddy_init(), the buddy allocator cleanup doesn't free the allocator structure itself, causing a memory leak.
Add the missing kfree() to properly release all allocated memory.
{
"affected": [],
"aliases": [
"CVE-2025-39830"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-16T14:15:51Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: HWS, Fix memory leak in hws_pool_buddy_init error path\n\nIn the error path of hws_pool_buddy_init(), the buddy allocator cleanup\ndoesn\u0027t free the allocator structure itself, causing a memory leak.\n\nAdd the missing kfree() to properly release all allocated memory.",
"id": "GHSA-h4gm-c37q-gjjr",
"modified": "2025-12-02T21:31:27Z",
"published": "2025-09-16T15:32:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39830"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2c0a959bebdc1ada13cf9a8242f177c5400299e6"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/86d13a6f49cb68aa91bd718b1b627e72e77285c1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-41
Strategy: Libraries or Frameworks
- Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
- For example, glibc in Linux provides protection against free of invalid pointers.
- When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
- To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Use an abstraction library to abstract away risky APIs. Not a complete solution.
Mitigation
Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.
No CAPEC attack patterns related to this CWE.