Common Weakness Enumeration

CWE-401

Allowed

Missing Release of Memory after Effective Lifetime

Abstraction: Variant · Status: Draft

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

2002 vulnerabilities reference this CWE, most recent first.

GHSA-5H69-P33W-HQQJ

Vulnerability from github – Published: 2025-06-18 12:30 – Updated: 2025-11-14 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/pm: add missing ->fini_xxxx interfaces for some SMU13 asics

Without these, potential memory leak may be induced.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-49965"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-18T11:15:23Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: add missing -\u003efini_xxxx interfaces for some SMU13 asics\n\nWithout these, potential memory leak may be induced.",
  "id": "GHSA-5h69-p33w-hqqj",
  "modified": "2025-11-14T18:31:23Z",
  "published": "2025-06-18T12:30:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49965"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/22a75c616f1971c23838506b14971a4ef4a66bd7"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4bac1c846eff8042dd59ddecd0a43f3b9de5fd23"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5H8J-93H4-MM7V

Vulnerability from github – Published: 2024-07-29 18:30 – Updated: 2026-05-12 12:32
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers

register store validation for NFT_DATA_VALUE is conditional, however, the datatype is always either NFT_DATA_VALUE or NFT_DATA_VERDICT. This only requires a new helper function to infer the register type from the set datatype so this conditional check can be removed. Otherwise, pointer to chain object can be leaked through the registers.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-42070"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-29T16:15:06Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers\n\nregister store validation for NFT_DATA_VALUE is conditional, however,\nthe datatype is always either NFT_DATA_VALUE or NFT_DATA_VERDICT. This\nonly requires a new helper function to infer the register type from the\nset datatype so this conditional check can be removed. Otherwise,\npointer to chain object can be leaked through the registers.",
  "id": "GHSA-5h8j-93h4-mm7v",
  "modified": "2026-05-12T12:32:03Z",
  "published": "2024-07-29T18:30:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42070"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-398330.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-613116.html"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/23752737c6a618e994f9a310ec2568881a6b49c4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/40188a25a9847dbeb7ec67517174a835a677752f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/41a6375d48deaf7f730304b5153848bfa1c2980f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/461302e07f49687ffe7d105fa0a330c07c7646d8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5d43d789b57943720dca4181a05f6477362b94cf"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7931d32955e09d0a11b1fe0b6aac1bfa061c005c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/952bf8df222599baadbd4f838a49c4fef81d2564"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/efb27ad05949403848f487823b597ed67060e007"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5HVH-V86P-HC95

Vulnerability from github – Published: 2025-08-14 18:31 – Updated: 2025-08-14 18:31
VLAI
Details

A vulnerability in the management and VPN web servers of the Remote Access SSL VPN feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly stop responding, resulting in a DoS condition.

This vulnerability is due to ineffective validation of user-supplied input during the Remote Access SSL VPN authentication process. An attacker could exploit this vulnerability by sending a crafted request to the VPN service on an affected device. A successful exploit could allow the attacker to cause a DoS condition where the device stops responding to Remote Access SSL VPN authentication requests.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-20133"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-14T17:15:34Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the management and VPN web servers of the Remote Access SSL VPN feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly stop responding, resulting in a DoS condition.\n\nThis vulnerability is due to ineffective validation of user-supplied input during the Remote Access SSL VPN authentication process. An attacker could exploit this vulnerability by sending a crafted request to the VPN service on an affected device. A successful exploit could allow the attacker to cause a DoS condition where the device stops responding to Remote Access SSL VPN authentication requests.",
  "id": "GHSA-5hvh-v86p-hc95",
  "modified": "2025-08-14T18:31:28Z",
  "published": "2025-08-14T18:31:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20133"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-vpn-dos-mfPekA6e"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5JHP-6HHP-5Q5G

Vulnerability from github – Published: 2024-06-20 12:31 – Updated: 2024-09-18 18:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping()

After commit e3beca48a45b ("irqdomain/treewide: Keep firmware node unconditionally allocated"). For tear down scenario, fn is only freed after fail to allocate ir_domain, though it also should be freed in case dmar_enable_qi returns error.

Besides free fn, irq_domain and ir_msi_domain need to be removed as well if intel_setup_irq_remapping fails to enable queued invalidation.

Improve the rewinding path by add out_free_ir_domain and out_free_fwnode lables per Baolu's suggestion.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-48724"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-20T12:15:10Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping()\n\nAfter commit e3beca48a45b (\"irqdomain/treewide: Keep firmware node\nunconditionally allocated\"). For tear down scenario, fn is only freed\nafter fail to allocate ir_domain, though it also should be freed in case\ndmar_enable_qi returns error.\n\nBesides free fn, irq_domain and ir_msi_domain need to be removed as well\nif intel_setup_irq_remapping fails to enable queued invalidation.\n\nImprove the rewinding path by add out_free_ir_domain and out_free_fwnode\nlables per Baolu\u0027s suggestion.",
  "id": "GHSA-5jhp-6hhp-5q5g",
  "modified": "2024-09-18T18:30:49Z",
  "published": "2024-06-20T12:31:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48724"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/336d096b62bdc673e852b6b80d5072d7888ce85d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5c43d46daa0d2928234dd2792ebebc35d29ee2d1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/99e675d473eb8cf2deac1376a0f840222fc1adcf"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9d9995b0371e4e8c18d4f955479e5d47efe7b2d4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a0c685ba99961b1dd894b2e470e692a539770f6d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a31cb1f0fb6caf46ffe88c41252b6b7a4ee062d9"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b62eceb5f8f08815fe3f945fc55bbf997c344ecd"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5JJ7-RMFX-38VV

Vulnerability from github – Published: 2024-05-20 12:30 – Updated: 2025-09-23 18:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

firmware: qcom: uefisecapp: Fix memory related IO errors and crashes

It turns out that while the QSEECOM APP_SEND command has specific fields for request and response buffers, uefisecapp expects them both to be in a single memory region. Failure to adhere to this has (so far) resulted in either no response being written to the response buffer (causing an EIO to be emitted down the line), the SCM call to fail with EINVAL (i.e., directly from TZ/firmware), or the device to be hard-reset.

While this issue can be triggered deterministically, in the current form it seems to happen rather sporadically (which is why it has gone unnoticed during earlier testing). This is likely due to the two kzalloc() calls (for request and response) being directly after each other. Which means that those likely return consecutive regions most of the time, especially when not much else is going on in the system.

Fix this by allocating a single memory region for both request and response buffers, properly aligning both structs inside it. This unfortunately also means that the qcom_scm_qseecom_app_send() interface needs to be restructured, as it should no longer map the DMA regions separately. Therefore, move the responsibility of DMA allocation (or mapping) to the caller.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-35994"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-20T10:15:13Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: qcom: uefisecapp: Fix memory related IO errors and crashes\n\nIt turns out that while the QSEECOM APP_SEND command has specific fields\nfor request and response buffers, uefisecapp expects them both to be in\na single memory region. Failure to adhere to this has (so far) resulted\nin either no response being written to the response buffer (causing an\nEIO to be emitted down the line), the SCM call to fail with EINVAL\n(i.e., directly from TZ/firmware), or the device to be hard-reset.\n\nWhile this issue can be triggered deterministically, in the current form\nit seems to happen rather sporadically (which is why it has gone\nunnoticed during earlier testing). This is likely due to the two\nkzalloc() calls (for request and response) being directly after each\nother. Which means that those likely return consecutive regions most of\nthe time, especially when not much else is going on in the system.\n\nFix this by allocating a single memory region for both request and\nresponse buffers, properly aligning both structs inside it. This\nunfortunately also means that the qcom_scm_qseecom_app_send() interface\nneeds to be restructured, as it should no longer map the DMA regions\nseparately. Therefore, move the responsibility of DMA allocation (or\nmapping) to the caller.",
  "id": "GHSA-5jj7-rmfx-38vv",
  "modified": "2025-09-23T18:30:19Z",
  "published": "2024-05-20T12:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35994"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/dd22b34fb53cb04b13b2f5eee5c9200bb091fc88"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ed09f81eeaa8f9265e1787282cb283f10285c259"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5JQG-5G42-MWGQ

Vulnerability from github – Published: 2022-05-24 17:38 – Updated: 2022-05-24 17:38
VLAI
Details

K7TSMngr.exe in K7Computing K7AntiVirus Premium 15.1.0.53 has a Memory Leak.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-11246"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-01-11T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "K7TSMngr.exe in K7Computing K7AntiVirus Premium 15.1.0.53 has a Memory Leak.",
  "id": "GHSA-5jqg-5g42-mwgq",
  "modified": "2022-05-24T17:38:28Z",
  "published": "2022-05-24T17:38:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11246"
    },
    {
      "type": "WEB",
      "url": "https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021"
    },
    {
      "type": "WEB",
      "url": "https://www.k7computing.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-5JV6-7953-598P

Vulnerability from github – Published: 2024-05-03 18:30 – Updated: 2024-10-30 18:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: fix memory leak when using debugfs_lookup()

When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. Fix this up by properly calling dput().

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-48698"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-03T16:15:08Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fix memory leak when using debugfs_lookup()\n\nWhen calling debugfs_lookup() the result must have dput() called on it,\notherwise the memory will leak over time.  Fix this up by properly\ncalling dput().",
  "id": "GHSA-5jv6-7953-598p",
  "modified": "2024-10-30T18:30:45Z",
  "published": "2024-05-03T18:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48698"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3a6279d243cb035eaaff1450980b40cf19748f05"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/58acd2ebae034db3bacf38708f508fbd12ae2e54"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cbfac7fa491651c57926c99edeb7495c6c1aeac2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5JX6-M427-9P5P

Vulnerability from github – Published: 2026-06-24 18:32 – Updated: 2026-06-28 09:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

net: tls: fix strparser anchor skb leak on offload RX setup failure

When tls_set_device_offload_rx() fails at tls_dev_add(), the error path calls tls_sw_free_resources_rx() to clean up the SW context that was initialized by tls_set_sw_offload(). This function calls tls_sw_release_resources_rx() (which stops the strparser via tls_strp_stop()) and tls_sw_free_ctx_rx() (which kfrees the context), but never frees the anchor skb that was allocated by alloc_skb(0) in tls_strp_init().

Note that tls_sw_free_resources_rx() is exclusively used for this "failed to start offload" code path, there's no other caller.

The leak did not exist before commit 84c61fe1a75b ("tls: rx: do not use the standard strparser"), because the standard strparser doesn't try to pre-allocate an skb.

The normal close path in tls_sk_proto_close() handles cleanup by calling tls_sw_strparser_done() (which calls tls_strp_done()) after dropping the socket lock, because tls_strp_done() does cancel_work_sync() and the strparser work handler takes the socket lock.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-52974"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-24T17:17:07Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: tls: fix strparser anchor skb leak on offload RX setup failure\n\nWhen tls_set_device_offload_rx() fails at tls_dev_add(), the error path\ncalls tls_sw_free_resources_rx() to clean up the SW context that was\ninitialized by tls_set_sw_offload(). This function calls\ntls_sw_release_resources_rx() (which stops the strparser via\ntls_strp_stop()) and tls_sw_free_ctx_rx() (which kfrees the context),\nbut never frees the anchor skb that was allocated by alloc_skb(0) in\ntls_strp_init().\n\nNote that tls_sw_free_resources_rx() is exclusively used for this\n\"failed to start offload\" code path, there\u0027s no other caller.\n\nThe leak did not exist before commit 84c61fe1a75b (\"tls: rx: do not use\nthe standard strparser\"), because the standard strparser doesn\u0027t try\nto pre-allocate an skb.\n\nThe normal close path in tls_sk_proto_close() handles cleanup by calling\ntls_sw_strparser_done() (which calls tls_strp_done()) after dropping\nthe socket lock, because tls_strp_done() does cancel_work_sync() and\nthe strparser work handler takes the socket lock.",
  "id": "GHSA-5jx6-m427-9p5p",
  "modified": "2026-06-28T09:31:37Z",
  "published": "2026-06-24T18:32:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-52974"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0c9f399b37ce22a5ed94cc51f03ed07ac7f38e32"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3c405dfa9619e506e75b8e41f8b29a5b99731877"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/58689498ca3384851145a754dbb1d8ed1cf9fb54"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/688f12aa44511dd57e448eb670075c6302ad1dc1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9c54e76f8d6eb11735918777ef0e0509e089557d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bd07fe6c38b9e44ff3fc02692a53f095c5cc9afc"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5M92-7XMP-8C44

Vulnerability from github – Published: 2023-08-22 21:30 – Updated: 2024-04-04 07:07
VLAI
Details

An issue was discovered function pr_function_type in prdbg.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-47010"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-08-22T19:16:30Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered function pr_function_type in prdbg.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks.",
  "id": "GHSA-5m92-7xmp-8c44",
  "modified": "2024-04-04T07:07:37Z",
  "published": "2023-08-22T21:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-47010"
    },
    {
      "type": "WEB",
      "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29262"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5MG2-XWPP-QVMQ

Vulnerability from github – Published: 2024-05-01 15:30 – Updated: 2024-12-23 15:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: Fix a memory leak in nf_tables_updchain

If nft_netdev_register_hooks() fails, the memory associated with nft_stats is not freed, causing a memory leak.

This patch fixes it by moving nft_stats_alloc() down after nft_netdev_register_hooks() succeeds.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-27064"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-01T13:15:50Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: Fix a memory leak in nf_tables_updchain\n\nIf nft_netdev_register_hooks() fails, the memory associated with\nnft_stats is not freed, causing a memory leak.\n\nThis patch fixes it by moving nft_stats_alloc() down after\nnft_netdev_register_hooks() succeeds.",
  "id": "GHSA-5mg2-xwpp-qvmq",
  "modified": "2024-12-23T15:30:47Z",
  "published": "2024-05-01T15:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27064"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4e4623a4f6e133e671f65f9ac493bddaaf63e250"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/79846fdcc548d617b0b321addc6a3821d3b75b20"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7eaf837a4eb5f74561e2486972e7f5184b613f6e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e77a6b53a3a547b6dedfc40c37cee4f310701090"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-41
Implementation

Strategy: Libraries or Frameworks

  • Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
  • For example, glibc in Linux provides protection against free of invalid pointers.
  • When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
  • To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Architecture and Design

Use an abstraction library to abstract away risky APIs. Not a complete solution.

Mitigation
Architecture and Design Build and Compilation

Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.

No CAPEC attack patterns related to this CWE.