Common Weakness Enumeration

CWE-401

Allowed

Missing Release of Memory after Effective Lifetime

Abstraction: Variant · Status: Draft

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

2002 vulnerabilities reference this CWE, most recent first.

GHSA-HXVP-23FC-849F

Vulnerability from github – Published: 2025-07-25 15:30 – Updated: 2025-11-19 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

firmware: arm_ffa: Fix memory leak by freeing notifier callback node

Commit e0573444edbf ("firmware: arm_ffa: Add interfaces to request notification callbacks") adds support for notifier callbacks by allocating and inserting a callback node into a hashtable during registration of notifiers. However, during unregistration, the code only removes the node from the hashtable without freeing the associated memory, resulting in a memory leak.

Resolve the memory leak issue by ensuring the allocated notifier callback node is properly freed after it is removed from the hashtable entry.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-38390"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-25T13:15:28Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_ffa: Fix memory leak by freeing notifier callback node\n\nCommit e0573444edbf (\"firmware: arm_ffa: Add interfaces to request\nnotification callbacks\") adds support for notifier callbacks by allocating\nand inserting a callback node into a hashtable during registration of\nnotifiers. However, during unregistration, the code only removes the\nnode from the hashtable without freeing the associated memory, resulting\nin a memory leak.\n\nResolve the memory leak issue by ensuring the allocated notifier callback\nnode is properly freed after it is removed from the hashtable entry.",
  "id": "GHSA-hxvp-23fc-849f",
  "modified": "2025-11-19T21:31:16Z",
  "published": "2025-07-25T15:30:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38390"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/076fa20b4f5737c34921dbb152f9efceaee571b2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/938827c440564b2cf2f9b804d1fe81ce8267eded"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a833d31ad867103ba72a0b73f3606f4ab8601719"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J293-PR7F-6PG6

Vulnerability from github – Published: 2022-10-17 12:00 – Updated: 2022-10-19 12:00
VLAI
Details

A vulnerability was found in Linux Kernel and classified as problematic. Affected by this issue is the function ipaddr_link_get of the file ip/ipaddress.c of the component iproute2. The manipulation leads to memory leak. The attack may be launched remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211028.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-3530"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401",
      "CWE-404"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-10-16T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability was found in Linux Kernel and classified as problematic. Affected by this issue is the function ipaddr_link_get of the file ip/ipaddress.c of the component iproute2. The manipulation leads to memory leak. The attack may be launched remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211028.",
  "id": "GHSA-j293-pr7f-6pg6",
  "modified": "2022-10-19T12:00:19Z",
  "published": "2022-10-17T12:00:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3530"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/pub/scm/network/iproute2/iproute2-next.git/commit/?id=1d540336b026ed5bfe10eefac383db7f434d842f"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.211028"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J299-XP2P-5FM9

Vulnerability from github – Published: 2022-05-24 17:08 – Updated: 2022-05-24 17:08
VLAI
Details

An ni_dhcp4_fsm_process_dhcp4_packet memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets with a different client-id.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-7217"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401",
      "CWE-772"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-02-11T12:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An ni_dhcp4_fsm_process_dhcp4_packet memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets with a different client-id.",
  "id": "GHSA-j299-xp2p-5fm9",
  "modified": "2022-05-24T17:08:43Z",
  "published": "2022-05-24T17:08:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7217"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1160906"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openSUSE/wicked/releases"
    },
    {
      "type": "WEB",
      "url": "https://www.suse.com/security/cve/CVE-2020-7217"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00011.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-J2QH-JQPH-8MRQ

Vulnerability from github – Published: 2022-05-24 16:49 – Updated: 2022-05-24 16:49
VLAI
Details

ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-13137"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-07-01T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.",
  "id": "GHSA-j2qh-jqph-8mrq",
  "modified": "2022-05-24T16:49:08Z",
  "published": "2022-05-24T16:49:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13137"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ImageMagick/ImageMagick/issues/1601"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4192-1"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2020/dsa-4712"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-J389-H5QC-XPXP

Vulnerability from github – Published: 2025-10-07 18:31 – Updated: 2026-02-04 00:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

accel/qaic: Fix a leak in map_user_pages()

If get_user_pages_fast() allocates some pages but not as many as we wanted, then the current code leaks those pages. Call put_page() on the pages before returning.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-53633"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-07T16:15:46Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/qaic: Fix a leak in map_user_pages()\n\nIf get_user_pages_fast() allocates some pages but not as many as we\nwanted, then the current code leaks those pages.  Call put_page() on\nthe pages before returning.",
  "id": "GHSA-j389-h5qc-xpxp",
  "modified": "2026-02-04T00:30:26Z",
  "published": "2025-10-07T18:31:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53633"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/73274c33d961f4aa0f968f763e2c9f4210b4f4a3"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cdcba752a3d48fbe6f05cf2c91ab9497c8daad0c"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J3Q7-2R25-Q5J7

Vulnerability from github – Published: 2023-11-27 00:30 – Updated: 2023-11-27 00:30
VLAI
Details

A vulnerability, which was classified as problematic, has been found in Apryse iText 8.0.2. This issue affects some unknown processing of the file PdfDocument.java of the component Reference Table Handler. The manipulation leads to memory leak. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-246125 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-6299"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-26T23:15:07Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability, which was classified as problematic, has been found in Apryse iText 8.0.2. This issue affects some unknown processing of the file PdfDocument.java of the component Reference Table Handler. The manipulation leads to memory leak. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-246125 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.",
  "id": "GHSA-j3q7-2r25-q5j7",
  "modified": "2023-11-27T00:30:31Z",
  "published": "2023-11-27T00:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6299"
    },
    {
      "type": "WEB",
      "url": "https://drive.google.com/file/d/1_jeD7SvuliKc_02pPTPbfSnqAErzmFny/view?usp=sharing"
    },
    {
      "type": "WEB",
      "url": "https://kb.itextpdf.com/home/it7kb/releases/release-itext-core-8-0-2#ReleaseiTextCore8.0.2-Bugfixesandmiscellaneous"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.246125"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.246125"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J42J-7596-MCR4

Vulnerability from github – Published: 2022-05-24 17:17 – Updated: 2024-03-21 03:33
VLAI
Details

gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-12656"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401",
      "CWE-772"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-05-05T06:15:00Z",
    "severity": "LOW"
  },
  "details": "gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak.",
  "id": "GHSA-j42j-7596-mcr4",
  "modified": "2024-03-21T03:33:55Z",
  "published": "2022-05-24T17:17:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12656"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.kernel.org/show_bug.cgi?id=206651"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4483-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4485-1"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J48F-PHXX-H43M

Vulnerability from github – Published: 2022-05-24 22:00 – Updated: 2022-05-24 22:00
VLAI
Details

ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-16711"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401",
      "CWE-772"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-09-23T12:15:00Z",
    "severity": "MODERATE"
  },
  "details": "ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.",
  "id": "GHSA-j48f-phxx-h43m",
  "modified": "2022-05-24T22:00:41Z",
  "published": "2022-05-24T22:00:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16711"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ImageMagick/ImageMagick/issues/1542"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4192-1"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2020/dsa-4712"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J48M-667V-9R7R

Vulnerability from github – Published: 2025-09-16 15:32 – Updated: 2025-12-03 18:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

ubifs: Fix memory leak in ubifs_sysfs_init()

When insmod ubifs.ko, a kmemleak reported as below:

unreferenced object 0xffff88817fb1a780 (size 8): comm "insmod", pid 25265, jiffies 4295239702 (age 100.130s) hex dump (first 8 bytes): 75 62 69 66 73 00 ff ff ubifs... backtrace: [] slab_post_alloc_hook+0x9c/0x3c0 [] __kmalloc_track_caller+0x183/0x410 [] kstrdup+0x3a/0x80 [] kstrdup_const+0x66/0x80 [] kvasprintf_const+0x155/0x190 [] kobject_set_name_vargs+0x5b/0x150 [] kobject_set_name+0xbb/0xf0 [] do_one_initcall+0x14c/0x5a0 [] do_init_module+0x1f0/0x660 [] load_module+0x6d7e/0x7590 [] __do_sys_finit_module+0x19f/0x230 [] __x64_sys_finit_module+0x73/0xb0 [] do_syscall_64+0x35/0x80 [] entry_SYSCALL_64_after_hwframe+0x63/0xcd

When kset_register() failed, we should call kset_put to cleanup it.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-53278"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-16T08:15:36Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: Fix memory leak in ubifs_sysfs_init()\n\nWhen insmod ubifs.ko, a kmemleak reported as below:\n\n unreferenced object 0xffff88817fb1a780 (size 8):\n   comm \"insmod\", pid 25265, jiffies 4295239702 (age 100.130s)\n   hex dump (first 8 bytes):\n     75 62 69 66 73 00 ff ff                          ubifs...\n   backtrace:\n     [\u003cffffffff81b3fc4c\u003e] slab_post_alloc_hook+0x9c/0x3c0\n     [\u003cffffffff81b44bf3\u003e] __kmalloc_track_caller+0x183/0x410\n     [\u003cffffffff8198d3da\u003e] kstrdup+0x3a/0x80\n     [\u003cffffffff8198d486\u003e] kstrdup_const+0x66/0x80\n     [\u003cffffffff83989325\u003e] kvasprintf_const+0x155/0x190\n     [\u003cffffffff83bf55bb\u003e] kobject_set_name_vargs+0x5b/0x150\n     [\u003cffffffff83bf576b\u003e] kobject_set_name+0xbb/0xf0\n     [\u003cffffffff8100204c\u003e] do_one_initcall+0x14c/0x5a0\n     [\u003cffffffff8157e380\u003e] do_init_module+0x1f0/0x660\n     [\u003cffffffff815857be\u003e] load_module+0x6d7e/0x7590\n     [\u003cffffffff8158644f\u003e] __do_sys_finit_module+0x19f/0x230\n     [\u003cffffffff815866b3\u003e] __x64_sys_finit_module+0x73/0xb0\n     [\u003cffffffff88c98e85\u003e] do_syscall_64+0x35/0x80\n     [\u003cffffffff88e00087\u003e] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nWhen kset_register() failed, we should call kset_put to cleanup it.",
  "id": "GHSA-j48m-667v-9r7r",
  "modified": "2025-12-03T18:30:20Z",
  "published": "2025-09-16T15:32:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53278"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1c5fdf2d4647219d2267ccb08c7f2c7095bf3450"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/203a55f04f66eea1a1ca7e5a302a7f5c99c62327"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d42c2b18c42da7378e67b6414aafe93b65de89d1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J48P-M2M2-H4M7

Vulnerability from github – Published: 2022-05-24 19:07 – Updated: 2022-05-24 19:07
VLAI
Details

A missing release of memory after its effective lifetime vulnerability in the Webmail of FortiMail 6.4.0 through 6.4.4 and 6.2.0 through 6.2.6 may allow an unauthenticated remote attacker to exhaust available memory via specifically crafted login requests.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-26090"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-07-12T13:15:00Z",
    "severity": "HIGH"
  },
  "details": "A missing release of memory after its effective lifetime vulnerability in the Webmail of FortiMail 6.4.0 through 6.4.4 and 6.2.0 through 6.2.6 may allow an unauthenticated remote attacker to exhaust available memory via specifically crafted login requests.",
  "id": "GHSA-j48p-m2m2-h4m7",
  "modified": "2022-05-24T19:07:31Z",
  "published": "2022-05-24T19:07:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26090"
    },
    {
      "type": "WEB",
      "url": "https://fortiguard.com/advisory/FG-IR-21-042"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Mitigation MIT-41
Implementation

Strategy: Libraries or Frameworks

  • Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
  • For example, glibc in Linux provides protection against free of invalid pointers.
  • When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
  • To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Architecture and Design

Use an abstraction library to abstract away risky APIs. Not a complete solution.

Mitigation
Architecture and Design Build and Compilation

Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.

No CAPEC attack patterns related to this CWE.