CWE-401
AllowedMissing Release of Memory after Effective Lifetime
Abstraction: Variant · Status: Draft
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
2002 vulnerabilities reference this CWE, most recent first.
GHSA-6HVM-256W-H2QV
Vulnerability from github – Published: 2022-05-24 17:05 – Updated: 2024-04-04 02:45A memory leak was discovered in Mat_VarCalloc in mat.c in matio 1.5.17 because SafeMulDims does not consider the rank==0 case.
{
"affected": [],
"aliases": [
"CVE-2019-20052"
],
"database_specific": {
"cwe_ids": [
"CWE-401",
"CWE-772"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-12-27T22:15:00Z",
"severity": "MODERATE"
},
"details": "A memory leak was discovered in Mat_VarCalloc in mat.c in matio 1.5.17 because SafeMulDims does not consider the rank==0 case.",
"id": "GHSA-6hvm-256w-h2qv",
"modified": "2024-04-04T02:45:48Z",
"published": "2022-05-24T17:05:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20052"
},
{
"type": "WEB",
"url": "https://github.com/tbeu/matio/issues/131"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6J7P-4WH4-PF8X
Vulnerability from github – Published: 2025-09-22 21:30 – Updated: 2025-09-22 21:30In the Linux kernel, the following vulnerability has been resolved:
phy: qcom-qmp: fix reset-controller leak on probe errors
Make sure to release the lane reset controller in case of a late probe error (e.g. probe deferral).
Note that due to the reset controller being defined in devicetree in "lane" child nodes, devm_reset_control_get_exclusive() cannot be used directly.
{
"affected": [],
"aliases": [
"CVE-2022-49396"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-26T07:01:16Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: qcom-qmp: fix reset-controller leak on probe errors\n\nMake sure to release the lane reset controller in case of a late probe\nerror (e.g. probe deferral).\n\nNote that due to the reset controller being defined in devicetree in\n\"lane\" child nodes, devm_reset_control_get_exclusive() cannot be used\ndirectly.",
"id": "GHSA-6j7p-4wh4-pf8x",
"modified": "2025-09-22T21:30:16Z",
"published": "2025-09-22T21:30:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49396"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2156dc390402043ba5982489c6625adcb0b0975c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4d2900f20edfe541f75756a00deeb2ffe7c66bc1"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7ac21b24af859c097eb4034e93430056068f8f31"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8c03eb0c8982677b4e17174073a011788891304d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a39d9eccb333b8c07c43ebea1c6dfda122378a0f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b7b5fbcaac5355e2e695dc0c08a0fcf248250388"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ba173a6f8d8dffed64bb13ab23081bdddfb464f0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/feb05b10b3ed3ae21b851520a0d0b71685439517"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6J92-J58G-FC8V
Vulnerability from github – Published: 2025-05-01 15:31 – Updated: 2025-11-12 18:31In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix inode list leak during backref walking at find_parent_nodes()
During backref walking, at find_parent_nodes(), if we are dealing with a data extent and we get an error while resolving the indirect backrefs, at resolve_indirect_refs(), or in the while loop that iterates over the refs in the direct refs rbtree, we end up leaking the inode lists attached to the direct refs we have in the direct refs rbtree that were not yet added to the refs ulist passed as argument to find_parent_nodes(). Since they were not yet added to the refs ulist and prelim_release() does not free the lists, on error the caller can only free the lists attached to the refs that were added to the refs ulist, all the remaining refs get their inode lists never freed, therefore leaking their memory.
Fix this by having prelim_release() always free any attached inode list to each ref found in the rbtree, and have find_parent_nodes() set the ref's inode list to NULL once it transfers ownership of the inode list to a ref added to the refs ulist passed to find_parent_nodes().
{
"affected": [],
"aliases": [
"CVE-2022-49913"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-01T15:16:16Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix inode list leak during backref walking at find_parent_nodes()\n\nDuring backref walking, at find_parent_nodes(), if we are dealing with a\ndata extent and we get an error while resolving the indirect backrefs, at\nresolve_indirect_refs(), or in the while loop that iterates over the refs\nin the direct refs rbtree, we end up leaking the inode lists attached to\nthe direct refs we have in the direct refs rbtree that were not yet added\nto the refs ulist passed as argument to find_parent_nodes(). Since they\nwere not yet added to the refs ulist and prelim_release() does not free\nthe lists, on error the caller can only free the lists attached to the\nrefs that were added to the refs ulist, all the remaining refs get their\ninode lists never freed, therefore leaking their memory.\n\nFix this by having prelim_release() always free any attached inode list\nto each ref found in the rbtree, and have find_parent_nodes() set the\nref\u0027s inode list to NULL once it transfers ownership of the inode list\nto a ref added to the refs ulist passed to find_parent_nodes().",
"id": "GHSA-6j92-j58g-fc8v",
"modified": "2025-11-12T18:31:03Z",
"published": "2025-05-01T15:31:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49913"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/222a3d533027b9492d5b7f5ecdc01a90f57bb5a9"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/61e06128113711df0534c404fb6bb528eb7d2332"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6a6731a0df8c47ecc703bd7bb73459df767051e0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/83ea8c5b54d452a5769e605e3c5c687e8ca06d89"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/92876eec382a0f19f33d09d2c939e9ca49038ae5"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6JQJ-G976-VCVW
Vulnerability from github – Published: 2025-01-11 15:30 – Updated: 2025-01-16 15:32In the Linux kernel, the following vulnerability has been resolved:
scsi: ufs: pltfrm: Dellocate HBA during ufshcd_pltfrm_remove()
This will ensure that the scsi host is cleaned up properly using scsi_host_dev_release(). Otherwise, it may lead to memory leaks.
{
"affected": [],
"aliases": [
"CVE-2024-57872"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-11T15:15:07Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: pltfrm: Dellocate HBA during ufshcd_pltfrm_remove()\n\nThis will ensure that the scsi host is cleaned up properly using\nscsi_host_dev_release(). Otherwise, it may lead to memory leaks.",
"id": "GHSA-6jqj-g976-vcvw",
"modified": "2025-01-16T15:32:09Z",
"published": "2025-01-11T15:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57872"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/897df60c16d54ad515a3d0887edab5c63da06d1f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cd188519d2467ab4c2141587b0551ba030abff0e"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6JV9-X5W9-2CCM
Vulnerability from github – Published: 2026-06-11 13:26 – Updated: 2026-07-10 12:31Impact
The RedisArrayAggregator handler permanently leaks pooled direct-memory buffers when a Redis pipeline connection closes before a RESP array aggregate completes. The handler retains child messages in per-handler state (depths field) but defines no channelInactive, handlerRemoved, or exceptionCaught method to release them when the pipeline tears down. Because the leaked buffers are slices of PooledByteBufAllocator chunks, they prevent those chunks from being returned to the JVM-wide direct-memory pool. Repeated connection churn by any network peer monotonically drains this shared pool, eventually causing allocation failures on all Netty channels in the process.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 4.2.14.Final"
},
"package": {
"ecosystem": "Maven",
"name": "io.netty:netty-codec-redis"
},
"ranges": [
{
"events": [
{
"introduced": "4.2.0.Final"
},
{
"fixed": "4.2.15.Final"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 4.1.134.Final"
},
"package": {
"ecosystem": "Maven",
"name": "io.netty:netty-codec-redis"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.1.135.Final"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-48006"
],
"database_specific": {
"cwe_ids": [
"CWE-401",
"CWE-772"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-11T13:26:06Z",
"nvd_published_at": "2026-06-12T16:16:30Z",
"severity": "HIGH"
},
"details": "### Impact\nThe RedisArrayAggregator handler permanently leaks pooled direct-memory buffers when a Redis pipeline connection closes before a RESP array aggregate completes. The handler retains child messages in per-handler state (`depths` field) but defines no `channelInactive`, `handlerRemoved`, or `exceptionCaught` method to release them when the pipeline tears down. Because the leaked buffers are slices of `PooledByteBufAllocator` chunks, they prevent those chunks from being returned to the JVM-wide direct-memory pool. Repeated connection churn by any network peer monotonically drains this shared pool, eventually causing allocation failures on all Netty channels in the process.",
"id": "GHSA-6jv9-x5w9-2ccm",
"modified": "2026-07-10T12:31:39Z",
"published": "2026-06-11T13:26:06Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/netty/netty/security/advisories/GHSA-6jv9-x5w9-2ccm"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48006"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2026-48006"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488433"
},
{
"type": "PACKAGE",
"url": "https://github.com/netty/netty"
},
{
"type": "WEB",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"type": "WEB",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"type": "WEB",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-48006.json"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Netty\u0027s Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Leak in RedisArrayAggregator"
}
GHSA-6JVJ-RJJJ-4GFR
Vulnerability from github – Published: 2023-10-13 00:30 – Updated: 2024-04-04 08:36An Improper Input Validation vulnerability in the Packet Forwarding Engine of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause memory leak, leading to Denial of Service (DoS).
On all Junos OS QFX5000 Series platforms, when pseudo-VTEP (Virtual Tunnel End Point) is configured under EVPN-VXLAN scenario, and specific DHCP packets are transmitted, DMA memory leak is observed. Continuous receipt of these specific DHCP packets will cause memory leak to reach 99% and then cause the protocols to stop working and traffic is impacted, leading to Denial of Service (DoS) condition. A manual reboot of the system recovers from the memory leak.
To confirm the memory leak, monitor for "sheaf:possible leak" and "vtep not found" messages in the logs.
This issue affects:
Juniper Networks Junos OS QFX5000 Series:
- All versions prior to 20.4R3-S6;
- 21.1 versions prior to 21.1R3-S5;
- 21.2 versions prior to 21.2R3-S5;
- 21.3 versions prior to 21.3R3-S4;
- 21.4 versions prior to 21.4R3-S3;
- 22.1 versions prior to 22.1R3-S2;
- 22.2 versions prior to 22.2R2-S2, 22.2R3;
- 22.3 versions prior to 22.3R2-S1, 22.3R3;
- 22.4 versions prior to 22.4R1-S2, 22.4R2.
{
"affected": [],
"aliases": [
"CVE-2023-44192"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-13T00:15:12Z",
"severity": "HIGH"
},
"details": "\nAn Improper Input Validation vulnerability in the Packet Forwarding Engine of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause memory leak, leading to Denial of Service (DoS).\n\nOn all Junos OS QFX5000 Series platforms, when pseudo-VTEP (Virtual Tunnel End Point) is configured under EVPN-VXLAN scenario, and specific DHCP packets are transmitted, DMA memory leak is observed. Continuous receipt of these specific DHCP packets will cause memory leak to reach 99% and then cause the protocols to stop working and traffic is impacted, leading to Denial of Service (DoS) condition. A manual reboot of the system recovers from the memory leak.\n\nTo confirm the memory leak, monitor for \"sheaf:possible leak\" and \"vtep not found\" messages in the logs.\n\nThis issue affects:\n\nJuniper Networks Junos OS QFX5000 Series:\n\n\n\n * All versions prior to 20.4R3-S6;\n * 21.1 versions prior to 21.1R3-S5;\n * 21.2 versions prior to 21.2R3-S5;\n * 21.3 versions prior to 21.3R3-S4;\n * 21.4 versions prior to 21.4R3-S3;\n * 22.1 versions prior to 22.1R3-S2;\n * 22.2 versions prior to 22.2R2-S2, 22.2R3;\n * 22.3 versions prior to 22.3R2-S1, 22.3R3;\n * 22.4 versions prior to 22.4R1-S2, 22.4R2.\n\n\n\n\n\n\n",
"id": "GHSA-6jvj-rjjj-4gfr",
"modified": "2024-04-04T08:36:58Z",
"published": "2023-10-13T00:30:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44192"
},
{
"type": "WEB",
"url": "https://supportportal.juniper.net/JSA73156"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6M5F-GF5F-WVX9
Vulnerability from github – Published: 2024-02-28 09:30 – Updated: 2024-12-09 18:31In the Linux kernel, the following vulnerability has been resolved:
mt76: mt7615: fix memleak when mt7615_unregister_device()
mt7615_tx_token_put() should get call before mt76_free_pending_txwi().
{
"affected": [],
"aliases": [
"CVE-2021-47022"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-28T09:15:39Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmt76: mt7615: fix memleak when mt7615_unregister_device()\n\nmt7615_tx_token_put() should get call before mt76_free_pending_txwi().",
"id": "GHSA-6m5f-gf5f-wvx9",
"modified": "2024-12-09T18:31:18Z",
"published": "2024-02-28T09:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47022"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/107bcbb219ac84d885ac63b25246f8d33212bc47"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4fa28c807da54c1d720b3cc12e48eb9bea1e2c8f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6c5b2b0c6e5a6ce2d8f9f85b8b72bfad60eaa506"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8ab31da7b89f71c4c2defcca989fab7b42f87d71"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6M9M-FQJ9-2H56
Vulnerability from github – Published: 2025-09-23 18:30 – Updated: 2025-09-23 18:30In the Linux kernel, the following vulnerability has been resolved:
scsi: pm8001: Fix task leak in pm8001_send_abort_all()
In pm8001_send_abort_all(), make sure to free the allocated sas task if pm8001_tag_alloc() or pm8001_mpi_build_cmd() fail.
{
"affected": [],
"aliases": [
"CVE-2022-49120"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-26T07:00:49Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: pm8001: Fix task leak in pm8001_send_abort_all()\n\nIn pm8001_send_abort_all(), make sure to free the allocated sas task\nif pm8001_tag_alloc() or pm8001_mpi_build_cmd() fail.",
"id": "GHSA-6m9m-fqj9-2h56",
"modified": "2025-09-23T18:30:20Z",
"published": "2025-09-23T18:30:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49120"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/146cae06d2682d7563732544be334e8e6d3862b8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2051044d7901f1a9d7be95d0d32e53b88e9548f7"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2290dcad6f65864dec518fb2d5fb45f67d684150"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/34c79d16ee69cb53288c202bb1ab0ba0130d9674"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f90a74892f3acf0cdec5844e90fc8686ca13e7d7"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6MPC-QPFH-2Q9R
Vulnerability from github – Published: 2025-10-04 18:31 – Updated: 2026-01-22 21:33In the Linux kernel, the following vulnerability has been resolved:
netdevsim: fix memory leak in nsim_drv_probe() when nsim_dev_resources_register() failed
If some items in nsim_dev_resources_register() fail, memory leak will occur. The following is the memory leak information.
unreferenced object 0xffff888074c02600 (size 128): comm "echo", pid 8159, jiffies 4294945184 (age 493.530s) hex dump (first 32 bytes): 40 47 ea 89 ff ff ff ff 01 00 00 00 00 00 00 00 @G.............. ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ backtrace: [<0000000011a31c98>] kmalloc_trace+0x22/0x60 [<0000000027384c69>] devl_resource_register+0x144/0x4e0 [<00000000a16db248>] nsim_drv_probe+0x37a/0x1260 [<000000007d1f448c>] really_probe+0x20b/0xb10 [<00000000c416848a>] __driver_probe_device+0x1b3/0x4a0 [<00000000077e0351>] driver_probe_device+0x49/0x140 [<0000000054f2465a>] __device_attach_driver+0x18c/0x2a0 [<000000008538f359>] bus_for_each_drv+0x151/0x1d0 [<0000000038e09747>] __device_attach+0x1c9/0x4e0 [<00000000dd86e533>] bus_probe_device+0x1d5/0x280 [<00000000839bea35>] device_add+0xae0/0x1cb0 [<000000009c2abf46>] new_device_store+0x3b6/0x5f0 [<00000000fb823d7f>] bus_attr_store+0x72/0xa0 [<000000007acc4295>] sysfs_kf_write+0x106/0x160 [<000000005f50cb4d>] kernfs_fop_write_iter+0x3a8/0x5a0 [<0000000075eb41bf>] vfs_write+0x8f0/0xc80
{
"affected": [],
"aliases": [
"CVE-2022-50500"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-04T16:15:47Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetdevsim: fix memory leak in nsim_drv_probe() when nsim_dev_resources_register() failed\n\nIf some items in nsim_dev_resources_register() fail, memory leak will\noccur. The following is the memory leak information.\n\nunreferenced object 0xffff888074c02600 (size 128):\n comm \"echo\", pid 8159, jiffies 4294945184 (age 493.530s)\n hex dump (first 32 bytes):\n 40 47 ea 89 ff ff ff ff 01 00 00 00 00 00 00 00 @G..............\n ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................\n backtrace:\n [\u003c0000000011a31c98\u003e] kmalloc_trace+0x22/0x60\n [\u003c0000000027384c69\u003e] devl_resource_register+0x144/0x4e0\n [\u003c00000000a16db248\u003e] nsim_drv_probe+0x37a/0x1260\n [\u003c000000007d1f448c\u003e] really_probe+0x20b/0xb10\n [\u003c00000000c416848a\u003e] __driver_probe_device+0x1b3/0x4a0\n [\u003c00000000077e0351\u003e] driver_probe_device+0x49/0x140\n [\u003c0000000054f2465a\u003e] __device_attach_driver+0x18c/0x2a0\n [\u003c000000008538f359\u003e] bus_for_each_drv+0x151/0x1d0\n [\u003c0000000038e09747\u003e] __device_attach+0x1c9/0x4e0\n [\u003c00000000dd86e533\u003e] bus_probe_device+0x1d5/0x280\n [\u003c00000000839bea35\u003e] device_add+0xae0/0x1cb0\n [\u003c000000009c2abf46\u003e] new_device_store+0x3b6/0x5f0\n [\u003c00000000fb823d7f\u003e] bus_attr_store+0x72/0xa0\n [\u003c000000007acc4295\u003e] sysfs_kf_write+0x106/0x160\n [\u003c000000005f50cb4d\u003e] kernfs_fop_write_iter+0x3a8/0x5a0\n [\u003c0000000075eb41bf\u003e] vfs_write+0x8f0/0xc80",
"id": "GHSA-6mpc-qpfh-2q9r",
"modified": "2026-01-22T21:33:43Z",
"published": "2025-10-04T18:31:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50500"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6b1da9f7126f05e857da6db24c6a04aa7974d644"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7c4957fe40e2a628b7cceaf4c9bfb5b701774d05"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6P22-Q7W5-33PG
Vulnerability from github – Published: 2026-03-26 22:09 – Updated: 2026-03-26 22:09The ASHLAR coder leaks a temporary image when an action fails and that could result to an out of memory.
{
"affected": [
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-AnyCPU"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.11.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-HDRI-AnyCPU"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.11.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-HDRI-OpenMP-arm64"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.11.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-HDRI-arm64"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.11.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-HDRI-x64"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.11.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-HDRI-x86"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.11.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-OpenMP-arm64"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.11.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-OpenMP-x64"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.11.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-OpenMP-x86"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.11.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-arm64"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.11.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-x64"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.11.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-x86"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.11.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q8-AnyCPU"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.11.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q8-OpenMP-arm64"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.11.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q8-OpenMP-x64"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.11.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q8-arm64"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.11.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q8-x64"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.11.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q8-x86"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.11.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-26T22:09:16Z",
"nvd_published_at": null,
"severity": "LOW"
},
"details": "The ASHLAR coder leaks a temporary image when an action fails and that could result to an out of memory.",
"id": "GHSA-6p22-q7w5-33pg",
"modified": "2026-03-26T22:09:16Z",
"published": "2026-03-26T22:09:16Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-6p22-q7w5-33pg"
},
{
"type": "PACKAGE",
"url": "https://github.com/ImageMagick/ImageMagick"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
],
"summary": "ImageMagick has possible memory leak in ASHLAR coder when action fails"
}
Mitigation MIT-41
Strategy: Libraries or Frameworks
- Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
- For example, glibc in Linux provides protection against free of invalid pointers.
- When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
- To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Use an abstraction library to abstract away risky APIs. Not a complete solution.
Mitigation
Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.
No CAPEC attack patterns related to this CWE.