CWE-401
AllowedMissing Release of Memory after Effective Lifetime
Abstraction: Variant · Status: Draft
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
2002 vulnerabilities reference this CWE, most recent first.
GHSA-6FMP-GCQX-7933
Vulnerability from github – Published: 2025-03-14 00:30 – Updated: 2025-03-14 00:30In the Linux kernel, the following vulnerability has been resolved:
mm/huge_memory: Fix xarray node memory leak
If xas_split_alloc() fails to allocate the necessary nodes to complete the xarray entry split, it sets the xa_state to -ENOMEM, which xas_nomem() then interprets as "Please allocate more memory", not as "Please free any unnecessary memory" (which was the intended outcome). It's confusing to use xas_nomem() to free memory in this context, so call xas_destroy() instead.
{
"affected": [],
"aliases": [
"CVE-2022-49334"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-26T07:01:10Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/huge_memory: Fix xarray node memory leak\n\nIf xas_split_alloc() fails to allocate the necessary nodes to complete the\nxarray entry split, it sets the xa_state to -ENOMEM, which xas_nomem()\nthen interprets as \"Please allocate more memory\", not as \"Please free\nany unnecessary memory\" (which was the intended outcome). It\u0027s confusing\nto use xas_nomem() to free memory in this context, so call xas_destroy()\ninstead.",
"id": "GHSA-6fmp-gcqx-7933",
"modified": "2025-03-14T00:30:51Z",
"published": "2025-03-14T00:30:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49334"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/69a37a8ba1b408a1c7616494aa7018e4b3844cbe"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/95c8181b4947e000f3b9b8e5918d899fce77b93d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c0c84962e297927ba57fd6ddc2bb000c9d149655"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6FMV-C3MQ-XJPQ
Vulnerability from github – Published: 2025-05-01 15:31 – Updated: 2025-05-07 15:31In the Linux kernel, the following vulnerability has been resolved:
nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()
nfcmrvl_i2c_nci_send() will be called by nfcmrvl_nci_send(), and skb should be freed in nfcmrvl_i2c_nci_send(). However, nfcmrvl_nci_send() will only free skb when i2c_master_send() return >=0, which means skb will memleak when i2c_master_send() failed. Free skb no matter whether i2c_master_send() succeeds.
{
"affected": [],
"aliases": [
"CVE-2022-49922"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-01T15:16:17Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()\n\nnfcmrvl_i2c_nci_send() will be called by nfcmrvl_nci_send(), and skb\nshould be freed in nfcmrvl_i2c_nci_send(). However, nfcmrvl_nci_send()\nwill only free skb when i2c_master_send() return \u003e=0, which means skb\nwill memleak when i2c_master_send() failed. Free skb no matter whether\ni2c_master_send() succeeds.",
"id": "GHSA-6fmv-c3mq-xjpq",
"modified": "2025-05-07T15:31:27Z",
"published": "2025-05-01T15:31:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49922"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/52438e734c1566f5e2bcd9a065d2d65e306c0555"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5dfdac5e3f8db5f4445228c44f64091045644a3b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/825656ae61e73ddc05f585e6258d284c87064b10"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/92a1df9c6da20c02cf9872f8b025a66ddb307aeb"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/93d904a734a74c54d945a9884b4962977f1176cd"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c8e7d4a1166f063703955f1b2e765a6db5bf1771"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/dd0ee55ead91fbb16889dbe7ff0b0f7c9e4e849d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f30060efcf18883748a0541aa41acef183cd9c0e"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6FQ9-84G8-2VC6
Vulnerability from github – Published: 2026-05-27 15:33 – Updated: 2026-06-24 18:32In the Linux kernel, the following vulnerability has been resolved:
spi: fix resource leaks on device setup failure
Make sure to call controller cleanup() if spi_setup() fails while registering a device to avoid leaking any resources allocated by setup().
{
"affected": [],
"aliases": [
"CVE-2026-46083"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-27T14:17:29Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fix resource leaks on device setup failure\n\nMake sure to call controller cleanup() if spi_setup() fails while\nregistering a device to avoid leaking any resources allocated by\nsetup().",
"id": "GHSA-6fq9-84g8-2vc6",
"modified": "2026-06-24T18:32:31Z",
"published": "2026-05-27T15:33:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46083"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/11baa8b24bcb07ae2048f2566a220021d766abe0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1e774294b2f944f59e03a04eb438768a4b93c3ce"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a2c817c629430fbbd54273525b472dac96e2c8fd"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/db357034f7e0cf23f233f414a8508312dfe8fbbe"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/dbcead54b12468d9aa54c0e1f0042d838ec3b0ae"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e0401de43dac00f3e4841ca2aeb98bc10a4c5f13"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6GC4-7FW9-FPV7
Vulnerability from github – Published: 2022-11-02 19:00 – Updated: 2022-11-04 12:00GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain a memory leak via the component gf_list_new at utils/list.c.
{
"affected": [],
"aliases": [
"CVE-2022-43254"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-11-02T14:15:00Z",
"severity": "MODERATE"
},
"details": "GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain a memory leak via the component gf_list_new at utils/list.c.",
"id": "GHSA-6gc4-7fw9-fpv7",
"modified": "2022-11-04T12:00:23Z",
"published": "2022-11-02T19:00:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43254"
},
{
"type": "WEB",
"url": "https://github.com/gpac/gpac/issues/2284"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6GQ6-HXJH-9GRQ
Vulnerability from github – Published: 2026-06-25 09:31 – Updated: 2026-07-06 15:30In the Linux kernel, the following vulnerability has been resolved:
vsock/vmci: fix sk_ack_backlog leak on failed handshake
When vmci_transport_recv_connecting_server() returns an error, vmci_transport_recv_listen() calls vsock_remove_pending() but never calls sk_acceptq_removed(). This leaves sk_ack_backlog incremented permanently.
Repeated handshake failures (malformed packets, queue pair alloc failure, event subscribe failure) cause sk_ack_backlog to climb toward sk_max_ack_backlog. Once it reaches the limit the listener permanently refuses all new connections with -ECONNREFUSED, a silent denial of service requiring a process restart to recover.
The two existing sk_acceptq_removed() calls in af_vsock.c do not cover this path: line 764 checks vsock_is_pending() which returns false after vsock_remove_pending(), and line 1889 is only reached on successful accept().
Fix by balancing sk_acceptq_added() with sk_acceptq_removed() on the error path.
{
"affected": [],
"aliases": [
"CVE-2026-53181"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-25T09:16:35Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/vmci: fix sk_ack_backlog leak on failed handshake\n\nWhen vmci_transport_recv_connecting_server() returns an error,\nvmci_transport_recv_listen() calls vsock_remove_pending() but never\ncalls sk_acceptq_removed(). This leaves sk_ack_backlog incremented\npermanently.\n\nRepeated handshake failures (malformed packets, queue pair alloc\nfailure, event subscribe failure) cause sk_ack_backlog to climb\ntoward sk_max_ack_backlog. Once it reaches the limit the listener\npermanently refuses all new connections with -ECONNREFUSED, a\nsilent denial of service requiring a process restart to recover.\n\nThe two existing sk_acceptq_removed() calls in af_vsock.c do not\ncover this path: line 764 checks vsock_is_pending() which returns\nfalse after vsock_remove_pending(), and line 1889 is only reached\non successful accept().\n\nFix by balancing sk_acceptq_added() with sk_acceptq_removed() on\nthe error path.",
"id": "GHSA-6gq6-hxjh-9grq",
"modified": "2026-07-06T15:30:41Z",
"published": "2026-06-25T09:31:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53181"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/22c587aa3ab1ab5264daff3ec32136fd30436c13"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9698582a4dd9c4a05889d7db96d4c0edc9e69cac"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ba9ad6015937a5e46ba1a31370e3efdec8abbdcc"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/bcb275626055df7f8f947f1a349754b4004d9a15"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c05fa14db43ebef3bd862ca9d073981c0358b3f0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cf7090e255d74c4b61c51f8ede9fcacdd8393b5b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/dfd853197615d322d3a88dbcab91fc0fd2096219"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ea0b03d52881c12a8c634ea0d6cbfa61cefdb488"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6H6Q-FM45-W3HV
Vulnerability from github – Published: 2024-02-05 18:31 – Updated: 2025-11-04 21:31mupdf v1.23.9 was discovered to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function.
{
"affected": [],
"aliases": [
"CVE-2024-24259"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-05T18:15:52Z",
"severity": "HIGH"
},
"details": "mupdf v1.23.9 was discovered to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function.",
"id": "GHSA-6h6q-fm45-w3hv",
"modified": "2025-11-04T21:31:05Z",
"published": "2024-02-05T18:31:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24259"
},
{
"type": "WEB",
"url": "https://github.com/freeglut/freeglut/pull/155"
},
{
"type": "WEB",
"url": "https://github.com/yinluming13579/mupdf_defects/blob/main/mupdf_detect_2.md"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IBAWX3HMMZVAWJZ3U6VOAYYOYJCN3IS"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T43DAHPIWMGN54E4I6ABLHNYHZSTX7H5"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IBAWX3HMMZVAWJZ3U6VOAYYOYJCN3IS"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6H97-83V8-3WF3
Vulnerability from github – Published: 2025-03-12 00:31 – Updated: 2025-03-12 00:31In the Linux kernel, the following vulnerability has been resolved:
i2c: piix4: Fix a memory leak in the EFCH MMIO support
The recently added support for EFCH MMIO regions introduced a memory leak in that code path. The leak is caused by the fact that release_resource() merely removes the resource from the tree but does not free its memory. We need to call release_mem_region() instead, which does free the memory. As a nice side effect, this brings back some symmetry between the legacy and MMIO paths.
{
"affected": [],
"aliases": [
"CVE-2022-49653"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-26T07:01:40Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: piix4: Fix a memory leak in the EFCH MMIO support\n\nThe recently added support for EFCH MMIO regions introduced a memory\nleak in that code path. The leak is caused by the fact that\nrelease_resource() merely removes the resource from the tree but does\nnot free its memory. We need to call release_mem_region() instead,\nwhich does free the memory. As a nice side effect, this brings back\nsome symmetry between the legacy and MMIO paths.",
"id": "GHSA-6h97-83v8-3wf3",
"modified": "2025-03-12T00:31:48Z",
"published": "2025-03-12T00:31:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49653"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8ad59b397f86a4d8014966fdc0552095a0c4fb2b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a3263e4cf8265f0c9eb0ed8a9b50f132c7a42e19"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d2bf1a6480e8d44658a8ac3bdcec081238873212"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6HFV-88F5-HJF6
Vulnerability from github – Published: 2025-06-18 12:30 – Updated: 2025-11-17 21:31In the Linux kernel, the following vulnerability has been resolved:
PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors
If dw_pcie_ep_init() fails to perform any action after the EPC memory is initialized and the MSI memory region is allocated, the latter parts won't be undone thus causing a memory leak. Add a cleanup-on-error path to fix these leaks.
[bhelgaas: commit log]
{
"affected": [],
"aliases": [
"CVE-2022-50146"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-18T11:15:44Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors\n\nIf dw_pcie_ep_init() fails to perform any action after the EPC memory is\ninitialized and the MSI memory region is allocated, the latter parts won\u0027t\nbe undone thus causing a memory leak. Add a cleanup-on-error path to fix\nthese leaks.\n\n[bhelgaas: commit log]",
"id": "GHSA-6hfv-88f5-hjf6",
"modified": "2025-11-17T21:31:18Z",
"published": "2025-06-18T12:30:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50146"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2d546db5c80c45cac3ccd929550244fd58f4ff58"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3b453f5d06d1f1d6b20a75ea51dc7b53ae78f479"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8161e9626b50892eaedbd8070ecb1586ecedb109"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b03a8f1264ea8c363bec9ef6e37b467f27cb04ea"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e7599a5974d4c64eaae8009c3f2e47b9e3223e07"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6HPM-WR73-66XQ
Vulnerability from github – Published: 2025-03-04 06:30 – Updated: 2025-03-04 06:30in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory.
{
"affected": [],
"aliases": [
"CVE-2025-20011"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-04T04:15:12Z",
"severity": "LOW"
},
"details": "in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory.",
"id": "GHSA-6hpm-wr73-66xq",
"modified": "2025-03-04T06:30:33Z",
"published": "2025-03-04T06:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20011"
},
{
"type": "WEB",
"url": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-03.md"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-6HQ5-4RHC-R2CC
Vulnerability from github – Published: 2025-03-12 00:31 – Updated: 2025-03-12 00:31In the Linux kernel, the following vulnerability has been resolved:
ima: Fix potential memory leak in ima_init_crypto()
On failure to allocate the SHA1 tfm, IMA fails to initialize and exits without freeing the ima_algo_array. Add the missing kfree() for ima_algo_array to avoid the potential memory leak.
{
"affected": [],
"aliases": [
"CVE-2022-49627"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-26T07:01:38Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nima: Fix potential memory leak in ima_init_crypto()\n\nOn failure to allocate the SHA1 tfm, IMA fails to initialize and exits\nwithout freeing the ima_algo_array. Add the missing kfree() for\nima_algo_array to avoid the potential memory leak.",
"id": "GHSA-6hq5-4rhc-r2cc",
"modified": "2025-03-12T00:31:47Z",
"published": "2025-03-12T00:31:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49627"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/067d2521874135267e681c19d42761c601d503d6"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/601ae26aa2802a4c10c94d7388a99eabdbefab2b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/830de9667b3ada0a75a3f098dfc7159709fe397b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c1d9702ceb4a091da6bee380627596d1fba09274"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-41
Strategy: Libraries or Frameworks
- Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
- For example, glibc in Linux provides protection against free of invalid pointers.
- When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
- To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Use an abstraction library to abstract away risky APIs. Not a complete solution.
Mitigation
Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.
No CAPEC attack patterns related to this CWE.