Common Weakness Enumeration

CWE-401

Allowed

Missing Release of Memory after Effective Lifetime

Abstraction: Variant · Status: Draft

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

2002 vulnerabilities reference this CWE, most recent first.

GHSA-R48H-FG5X-5RQQ

Vulnerability from github – Published: 2024-04-10 21:30 – Updated: 2025-11-03 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: pm80xx: Fix memory leak during rmmod

Driver failed to release all memory allocated. This would lead to memory leak during driver removal.

Properly free memory when the module is removed.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-47193"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-10T19:15:47Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: pm80xx: Fix memory leak during rmmod\n\nDriver failed to release all memory allocated. This would lead to memory\nleak during driver removal.\n\nProperly free memory when the module is removed.",
  "id": "GHSA-r48h-fg5x-5rqq",
  "modified": "2025-11-03T18:31:14Z",
  "published": "2024-04-10T21:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47193"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0c4398f2ee030d5753f6b0ad83f0ed9077851d9a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/269a4311b15f68d24e816f43f123888f241ed13d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/51e6ed83bb4ade7c360551fa4ae55c4eacea354b"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R4RX-4JR3-HMP7

Vulnerability from github – Published: 2026-01-31 12:30 – Updated: 2026-07-14 15:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config()

Fix a memory leak in gpi_peripheral_config() where the original memory pointed to by gchan->config could be lost if krealloc() fails.

The issue occurs when: 1. gchan->config points to previously allocated memory 2. krealloc() fails and returns NULL 3. The function directly assigns NULL to gchan->config, losing the reference to the original memory 4. The original memory becomes unreachable and cannot be freed

Fix this by using a temporary variable to hold the krealloc() result and only updating gchan->config when the allocation succeeds.

Found via static analysis and code review.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-23026"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-31T12:16:05Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config()\n\nFix a memory leak in gpi_peripheral_config() where the original memory\npointed to by gchan-\u003econfig could be lost if krealloc() fails.\n\nThe issue occurs when:\n1. gchan-\u003econfig points to previously allocated memory\n2. krealloc() fails and returns NULL\n3. The function directly assigns NULL to gchan-\u003econfig, losing the\n   reference to the original memory\n4. The original memory becomes unreachable and cannot be freed\n\nFix this by using a temporary variable to hold the krealloc() result\nand only updating gchan-\u003econfig when the allocation succeeds.\n\nFound via static analysis and code review.",
  "id": "GHSA-r4rx-4jr3-hmp7",
  "modified": "2026-07-14T15:31:39Z",
  "published": "2026-01-31T12:30:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23026"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-019113.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-253495.html"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/01b1d781394fc9b83015e3a3cd46b17bda842bd8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3f747004bbd641131d9396d87b5d2d3d1e182728"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4532f18e4ab36def1f55cd936d0fc002b2ce34c2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/55a67ba5ac4cebfd54cc8305d4d57a0f1dfe6a85"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/694ab1f6f16cb69f7c5ef2452b22ba7b00a3c7c7"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6bf4ef078fd11910988889a6c0b3698d2e0c89af"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R5GW-QWWG-WX9P

Vulnerability from github – Published: 2025-02-27 03:34 – Updated: 2025-10-28 21:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels

Some lwtunnels have a dst cache for post-transformation dst. If the packet destination did not change we may end up recording a reference to the lwtunnel in its own cache, and the lwtunnel state will never be freed.

Discovered by the ioam6.sh test, kmemleak was recently fixed to catch per-cpu memory leaks. I'm not sure if rpl and seg6 can actually hit this, but in principle I don't see why not.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-21768"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-27T03:15:17Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels\n\nSome lwtunnels have a dst cache for post-transformation dst.\nIf the packet destination did not change we may end up recording\na reference to the lwtunnel in its own cache, and the lwtunnel\nstate will never be freed.\n\nDiscovered by the ioam6.sh test, kmemleak was recently fixed\nto catch per-cpu memory leaks. I\u0027m not sure if rpl and seg6\ncan actually hit this, but in principle I don\u0027t see why not.",
  "id": "GHSA-r5gw-qwwg-wx9p",
  "modified": "2025-10-28T21:30:28Z",
  "published": "2025-02-27T03:34:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21768"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4c0f200c7d06fedddde82209c099014d63f4a6c0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5ab11a4e219e93b8b31a27f8ec98d42afadd8b7a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/92191dd1073088753821b862b791dcc83e558e07"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R6GJ-CPPW-666P

Vulnerability from github – Published: 2024-07-16 15:30 – Updated: 2024-07-23 15:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

gianfar: ethtool: Fix refcount leak in gfar_get_ts_info

The of_find_compatible_node() function returns a node pointer with refcount incremented, We should use of_node_put() on it when done Add the missing of_node_put() to release the refcount.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-48856"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-16T13:15:12Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ngianfar: ethtool: Fix refcount leak in gfar_get_ts_info\n\nThe of_find_compatible_node() function returns a node pointer with\nrefcount incremented, We should use of_node_put() on it when done\nAdd the missing of_node_put() to release the refcount.",
  "id": "GHSA-r6gj-cppw-666p",
  "modified": "2024-07-23T15:31:08Z",
  "published": "2024-07-16T15:30:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48856"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0e1b9a2078e07fb1e6e91bf8badfd89ecab1e848"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/21044e679ed535345042d2023f7df0ca8e897e2a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2ac5b58e645c66932438bb021cb5b52097ce70b0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6263f2eb93a85ad7df504daf0c341a7fb6bbe8a6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f49f646f9ec296fc0afe7ae92c2bb47f23e3846c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f7b3b520349193f8a82cca74daf366199e06add9"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R72C-CVXR-7838

Vulnerability from github – Published: 2022-05-24 17:01 – Updated: 2022-05-24 17:01
VLAI
Details

A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-19050"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-11-18T06:15:00Z",
    "severity": "HIGH"
  },
  "details": "A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1.",
  "id": "GHSA-r72c-cvxr-7838",
  "modified": "2022-05-24T17:01:28Z",
  "published": "2022-05-24T17:01:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19050"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/c03b04dcdba1da39903e23cc4d072abf8f68f2dd"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20191205-0001"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4258-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4284-1"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-R76R-GG8J-58C7

Vulnerability from github – Published: 2025-10-21 12:31 – Updated: 2025-10-21 12:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp()

If no handler is found in lpfc_complete_unsol_iocb() to match the rctl of a received frame, the frame is dropped and resources are leaked.

Fix by returning resources when discarding an unhandled frame type. Update lpfc_fc_frame_check() handling of NOP basic link service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-49521"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-26T07:01:28Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp()\n\nIf no handler is found in lpfc_complete_unsol_iocb() to match the rctl of a\nreceived frame, the frame is dropped and resources are leaked.\n\nFix by returning resources when discarding an unhandled frame type.  Update\nlpfc_fc_frame_check() handling of NOP basic link service.",
  "id": "GHSA-r76r-gg8j-58c7",
  "modified": "2025-10-21T12:31:26Z",
  "published": "2025-10-21T12:31:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49521"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/08709769ff2fb6c5ffedcda3742700d8ea1618a8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/40cf4ea4d2d497f7732c87d350ba5c3f5e8a43a1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/646db1a560f44236b7278b822ca99a1d3b6ea72c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7860d8f8082605b57596aa82d3d438c1fdad9a9e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fa1b509d41c5433672f72c0615cf4aefa0611c99"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R7CW-MJVX-CHX8

Vulnerability from github – Published: 2025-10-01 12:30 – Updated: 2026-01-16 21:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

s390/dasd: Fix potential memleak in dasd_eckd_init()

dasd_reserve_req is allocated before dasd_vol_info_req, and it also needs to be freed before the error returns, just like the other cases in this function.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-53449"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-01T12:15:41Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: Fix potential memleak in dasd_eckd_init()\n\n`dasd_reserve_req` is allocated before `dasd_vol_info_req`, and it\nalso needs to be freed before the error returns, just like the other\ncases in this function.",
  "id": "GHSA-r7cw-mjvx-chx8",
  "modified": "2026-01-16T21:30:29Z",
  "published": "2025-10-01T12:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53449"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/460e9bed82e49db1b823dcb4e421783854d86c40"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/544a552be0869231799784279d52704c4d314d33"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a50e28d433acf22258f9f34831057387f04ef074"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/aede5230d154b6b237985ec9df7ebbd1dce96810"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ee986d80acdef710a886be404308188ea11000c8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ef3a7ffc0a6f833578bc8d1dcb79d0633c7e4ec3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R7XH-CR9C-6WXQ

Vulnerability from github – Published: 2025-09-17 15:30 – Updated: 2025-12-10 18:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

staging: vt6655: fix some erroneous memory clean-up loops

In some initialization functions of this driver, memory is allocated with 'i' acting as an index variable and increasing from 0. The commit in "Fixes" introduces some clean-up codes in case of allocation failure, which free memory in reverse order with 'i' decreasing to 0. However, there are some problems: - The case i=0 is left out. Thus memory is leaked. - In case memory allocation fails right from the start, the memory freeing loops will start with i=-1 and invalid memory locations will be accessed.

One of these loops has been fixed in commit c8ff91535880 ("staging: vt6655: fix potential memory leak"). Fix the remaining erroneous loops.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-50355"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-17T15:15:34Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: vt6655: fix some erroneous memory clean-up loops\n\nIn some initialization functions of this driver, memory is allocated with\n\u0027i\u0027 acting as an index variable and increasing from 0. The commit in\n\"Fixes\" introduces some clean-up codes in case of allocation failure,\nwhich free memory in reverse order with \u0027i\u0027 decreasing to 0. However,\nthere are some problems:\n  - The case i=0 is left out. Thus memory is leaked.\n  - In case memory allocation fails right from the start, the memory\n    freeing loops will start with i=-1 and invalid memory locations will\n    be accessed.\n\nOne of these loops has been fixed in commit c8ff91535880 (\"staging:\nvt6655: fix potential memory leak\"). Fix the remaining erroneous loops.",
  "id": "GHSA-r7xh-cr9c-6wxq",
  "modified": "2025-12-10T18:30:21Z",
  "published": "2025-09-17T15:30:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50355"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2a2db520e3ca5aafba7c211abfd397666c9b5f9d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/637672a71f5016a40b0a6c0f3c8ad25eacedc8c3"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/88b9cc60f26e8a05d1ddbddf91b09ca2915f20e0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/95ac62e8545be2b0a8cae0beef7c682e2e470e48"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a9e9806d1c315bc50dce05479a079b9a104474b8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ed11b73c963292e7b49c0f37025c58ed3b7921d6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f19e5b7df54590c831f350381963f25585c8f7d5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R8F4-8Q33-J98Q

Vulnerability from github – Published: 2022-05-24 17:01 – Updated: 2024-03-21 03:33
VLAI
Details

Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption) by triggering mfd_add_hotplug_devices() or pm_genpd_add_device() failures, aka CID-57be09c6e874.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-19067"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-11-18T06:15:00Z",
    "severity": "HIGH"
  },
  "details": "Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption) by triggering mfd_add_hotplug_devices() or pm_genpd_add_device() failures, aka CID-57be09c6e874.",
  "id": "GHSA-r8f4-8q33-j98q",
  "modified": "2024-03-21T03:33:47Z",
  "published": "2022-05-24T17:01:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19067"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/57be09c6e8747bf48704136d9e3f92bfb93f5725"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1157180"
    },
    {
      "type": "WEB",
      "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4208-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4226-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4526-1"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R93J-WMMW-G27P

Vulnerability from github – Published: 2022-08-26 00:03 – Updated: 2022-09-01 00:00
VLAI
Details

There are two Information Disclosure vulnerabilities in colord, and they lie in colord/src/cd-device-db.c and colord/src/cd-profile-db.c separately. They exist because the 'err_msg' of 'sqlite3_exec' is not releasing after use, while libxml2 emphasizes that the caller needs to release it.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-42523"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-08-25T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "There are two Information Disclosure vulnerabilities in colord, and they lie in colord/src/cd-device-db.c and colord/src/cd-profile-db.c separately. They exist because the \u0027err_msg\u0027 of \u0027sqlite3_exec\u0027 is not releasing after use, while libxml2 emphasizes that the caller needs to release it.",
  "id": "GHSA-r93j-wmmw-g27p",
  "modified": "2022-09-01T00:00:22Z",
  "published": "2022-08-26T00:03:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42523"
    },
    {
      "type": "WEB",
      "url": "https://github.com/hughsie/colord/issues/110"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-41
Implementation

Strategy: Libraries or Frameworks

  • Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
  • For example, glibc in Linux provides protection against free of invalid pointers.
  • When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
  • To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Architecture and Design

Use an abstraction library to abstract away risky APIs. Not a complete solution.

Mitigation
Architecture and Design Build and Compilation

Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.

No CAPEC attack patterns related to this CWE.