CWE-244
AllowedImproper Clearing of Heap Memory Before Release ('Heap Inspection')
Abstraction: Variant · Status: Draft
Using realloc() to resize buffers that store sensitive information can leave the sensitive information exposed to attack, because it is not removed from memory.
36 vulnerabilities reference this CWE, most recent first.
GHSA-8H84-FHQQ-Q58V
Vulnerability from github – Published: 2026-06-10 18:34 – Updated: 2026-06-26 20:48internal/pki/resolver.go:36-64 constructs a CAManager with the plaintext ed25519.PrivateKey after unwrapping via the master key; internal/pki/ca.go:13-16 stores it. Callers at internal/api/enroll.go:116, internal/api/updates.go:297, and internal/api/mobile_bundle.go:40 use the manager for one Sign() and drop the reference on function return — but the underlying slice contents are not wiped before release.
The keystore package's contract (internal/keystore/keystore.go doc: "Callers MUST zeroise the returned plaintext DEK as soon as it is no longer needed") is not met by the CAManager consumer. Decrypted CA private keys persist in process heap until Go's GC scavenges the underlying slice — minutes to hours under load, indefinitely on idle servers.
Affected
All released versions up to v0.3.6.
Threat model
Memory-read access: core dump, ptrace, kernel swap to disk, container/VM snapshot, OOM-debug bundle, side-channel via shared cache lines. Not a remote-network vulnerability, but defeats the master-key + envelope-encryption design's promise of "private key never lingers".
Suggested fix
Add a Wipe() method on CAManager:
// internal/pki/ca.go
func (m *CAManager) Wipe() {
if m == nil {
return
}
keystore.Zeroize(m.caKey)
}
At each call site (enroll.go:116, updates.go:297, mobile_bundle.go:40, and any new caller), defer caMgr.Wipe() immediately after the Resolve() call. Pattern mirrors the existing defer keystore.Zeroize(dek) discipline in the keystore package.
Optional follow-up: wrap m.Sign() to zeroize after each call, removing the contract on callers — but the defer pattern is sufficient as a minimum.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/juev/nebula-mesh"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.3.7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/forgekeep/nebula-mesh"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.3.7"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-48025"
],
"database_specific": {
"cwe_ids": [
"CWE-244"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-10T18:34:29Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "`internal/pki/resolver.go:36-64` constructs a `CAManager` with the plaintext `ed25519.PrivateKey` after unwrapping via the master key; `internal/pki/ca.go:13-16` stores it. Callers at `internal/api/enroll.go:116`, `internal/api/updates.go:297`, and `internal/api/mobile_bundle.go:40` use the manager for one `Sign()` and drop the reference on function return \u2014 but the underlying slice contents are not wiped before release.\n\nThe keystore package\u0027s contract (`internal/keystore/keystore.go` doc: *\"Callers MUST zeroise the returned plaintext DEK as soon as it is no longer needed\"*) is not met by the `CAManager` consumer. Decrypted CA private keys persist in process heap until Go\u0027s GC scavenges the underlying slice \u2014 minutes to hours under load, indefinitely on idle servers.\n\n## Affected\nAll released versions up to v0.3.6.\n\n## Threat model\nMemory-read access: core dump, ptrace, kernel swap to disk, container/VM snapshot, OOM-debug bundle, side-channel via shared cache lines. Not a remote-network vulnerability, but defeats the master-key + envelope-encryption design\u0027s promise of \"private key never lingers\".\n\n## Suggested fix\nAdd a `Wipe()` method on `CAManager`:\n\n```go\n// internal/pki/ca.go\nfunc (m *CAManager) Wipe() {\n if m == nil {\n return\n }\n keystore.Zeroize(m.caKey)\n}\n```\n\nAt each call site (`enroll.go:116`, `updates.go:297`, `mobile_bundle.go:40`, and any new caller), `defer caMgr.Wipe()` immediately after the `Resolve()` call. Pattern mirrors the existing `defer keystore.Zeroize(dek)` discipline in the keystore package.\n\nOptional follow-up: wrap `m.Sign()` to zeroize after each call, removing the contract on callers \u2014 but the `defer` pattern is sufficient as a minimum.",
"id": "GHSA-8h84-fhqq-q58v",
"modified": "2026-06-26T20:48:20Z",
"published": "2026-06-10T18:34:29Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/juev/nebula-mesh/security/advisories/GHSA-8h84-fhqq-q58v"
},
{
"type": "WEB",
"url": "https://github.com/forgekeep/nebula-mesh/commit/bca1d5914fbaf3517d3b86145a802c00de4a8122"
},
{
"type": "WEB",
"url": "https://github.com/forgekeep/nebula-mesh/releases/tag/v0.3.7"
},
{
"type": "PACKAGE",
"url": "https://github.com/juev/nebula-mesh"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "nebula-mesh: Decrypted CA private key persists in heap after signing"
}
GHSA-8M64-P66F-H4HV
Vulnerability from github – Published: 2025-11-03 15:30 – Updated: 2025-11-04 18:31An issue in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a dom_event structure.
{
"affected": [],
"aliases": [
"CVE-2025-45663"
],
"database_specific": {
"cwe_ids": [
"CWE-244"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-03T15:15:35Z",
"severity": "MODERATE"
},
"details": "An issue in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a dom_event structure.",
"id": "GHSA-8m64-p66f-h4hv",
"modified": "2025-11-04T18:31:47Z",
"published": "2025-11-03T15:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-45663"
},
{
"type": "WEB",
"url": "https://github.com/Fysac/netsurf-disclosure/tree/main/CVE-2025-45663"
},
{
"type": "WEB",
"url": "https://www.netsurf-browser.org"
},
{
"type": "WEB",
"url": "http://netsurf.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-9929-5H8G-7GV5
Vulnerability from github – Published: 2023-11-01 18:30 – Updated: 2023-11-01 18:30A vulnerability in the TLS 1.3 implementation of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability is due to a logic error in how memory allocations are handled during a TLS 1.3 session. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a crafted TLS 1.3 message sequence through an affected device. A successful exploit could allow the attacker to cause the Snort 3 detection engine to reload, resulting in a denial of service (DoS) condition. While the Snort detection engine reloads, packets going through the FTD device that are sent to the Snort detection engine will be dropped. The Snort detection engine will restart automatically. No manual intervention is required.
{
"affected": [],
"aliases": [
"CVE-2023-20070"
],
"database_specific": {
"cwe_ids": [
"CWE-244"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-01T18:15:09Z",
"severity": "MODERATE"
},
"details": "A vulnerability in the TLS 1.3 implementation of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability is due to a logic error in how memory allocations are handled during a TLS 1.3 session. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a crafted TLS 1.3 message sequence through an affected device. A successful exploit could allow the attacker to cause the Snort 3 detection engine to reload, resulting in a denial of service (DoS) condition. While the Snort detection engine reloads, packets going through the FTD device that are sent to the Snort detection engine will be dropped. The Snort detection engine will restart automatically. No manual intervention is required.",
"id": "GHSA-9929-5h8g-7gv5",
"modified": "2023-11-01T18:30:33Z",
"published": "2023-11-01T18:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20070"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-uAnUntcV"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-C5HQ-87CR-9F65
Vulnerability from github – Published: 2025-11-17 21:31 – Updated: 2025-11-17 21:31IBM Storage Virtualize 8.4, 8.5, 8.7, and 9.1 IKEv1 implementation allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request.
{
"affected": [],
"aliases": [
"CVE-2025-36118"
],
"database_specific": {
"cwe_ids": [
"CWE-244"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-17T21:15:57Z",
"severity": "HIGH"
},
"details": "IBM Storage Virtualize 8.4, 8.5, 8.7, and 9.1 IKEv1 implementation allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request.",
"id": "GHSA-c5hq-87cr-9f65",
"modified": "2025-11-17T21:31:25Z",
"published": "2025-11-17T21:31:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-36118"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7250954"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-CH3J-WHF9-3XP2
Vulnerability from github – Published: 2026-03-04 18:31 – Updated: 2026-03-04 18:31A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to ineffective memory management of the VPN web server. An attacker could exploit this vulnerability by sending a large number of crafted HTTP requests to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
{
"affected": [],
"aliases": [
"CVE-2026-20039"
],
"database_specific": {
"cwe_ids": [
"CWE-244"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-04T18:16:17Z",
"severity": "HIGH"
},
"details": "A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\n\nThis vulnerability is due to ineffective memory management of the VPN web server. An attacker could exploit this vulnerability by sending a large number of\u0026nbsp;crafted HTTP requests to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.",
"id": "GHSA-ch3j-whf9-3xp2",
"modified": "2026-03-04T18:31:55Z",
"published": "2026-03-04T18:31:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20039"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-vpn-dos-SpOFF2Re"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FX46-5QRR-3WP5
Vulnerability from github – Published: 2025-08-18 15:30 – Updated: 2025-08-18 15:30IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper clearing of heap memory.
{
"affected": [],
"aliases": [
"CVE-2025-1759"
],
"database_specific": {
"cwe_ids": [
"CWE-212",
"CWE-244"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-18T14:15:28Z",
"severity": "MODERATE"
},
"details": "IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper clearing of heap memory.",
"id": "GHSA-fx46-5qrr-3wp5",
"modified": "2025-08-18T15:30:32Z",
"published": "2025-08-18T15:30:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1759"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7242354"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-GVH3-F4G3-C9FF
Vulnerability from github – Published: 2025-07-25 15:30 – Updated: 2025-07-25 15:30IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1, 3.6.0, and MQ Operator SC2 3.2.0 through 3.2.13 Container could disclose sensitive information to a local user due to improper clearing of heap memory before release.
{
"affected": [],
"aliases": [
"CVE-2025-33013"
],
"database_specific": {
"cwe_ids": [
"CWE-212",
"CWE-244"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-24T15:15:25Z",
"severity": "MODERATE"
},
"details": "IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1, 3.6.0, and MQ Operator SC2 3.2.0 through 3.2.13 Container could disclose sensitive information to a local user due to improper clearing of heap memory before release.",
"id": "GHSA-gvh3-f4g3-c9ff",
"modified": "2025-07-25T15:30:45Z",
"published": "2025-07-25T15:30:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33013"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7240431"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-JP5M-RMJH-RG7R
Vulnerability from github – Published: 2022-11-16 12:00 – Updated: 2022-11-22 03:30Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to improper management of system resources when the Snort detection engine is processing SMB2 traffic. An attacker could exploit these vulnerabilities by sending a high rate of certain types of SMB2 packets through an affected device. A successful exploit could allow the attacker to trigger a reload of the Snort process, resulting in a DoS condition. Note: When the snort preserve-connection option is enabled for the Snort detection engine, a successful exploit could also allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network. The snort preserve-connection setting is enabled by default. See the Details ["#details"] section of this advisory for more information. Note: Only products that have Snort 3 configured are affected. Products that are configured with Snort 2 are not affected.
{
"affected": [],
"aliases": [
"CVE-2022-20922"
],
"database_specific": {
"cwe_ids": [
"CWE-244"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-11-15T21:15:00Z",
"severity": "MODERATE"
},
"details": "Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to improper management of system resources when the Snort detection engine is processing SMB2 traffic. An attacker could exploit these vulnerabilities by sending a high rate of certain types of SMB2 packets through an affected device. A successful exploit could allow the attacker to trigger a reload of the Snort process, resulting in a DoS condition. Note: When the snort preserve-connection option is enabled for the Snort detection engine, a successful exploit could also allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network. The snort preserve-connection setting is enabled by default. See the Details [\"#details\"] section of this advisory for more information. Note: Only products that have Snort 3 configured are affected. Products that are configured with Snort 2 are not affected.",
"id": "GHSA-jp5m-rmjh-rg7r",
"modified": "2022-11-22T03:30:58Z",
"published": "2022-11-16T12:00:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20922"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-JV3G-9HQJ-VHVV
Vulnerability from github – Published: 2025-10-28 15:30 – Updated: 2025-10-31 21:30IBM Concert Software
1.0.0 through 2.0.0 could allow a local user to obtain sensitive information from buffers due to improper clearing of heap memory before release.
{
"affected": [],
"aliases": [
"CVE-2025-36083"
],
"database_specific": {
"cwe_ids": [
"CWE-244"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-28T15:16:12Z",
"severity": "MODERATE"
},
"details": "IBM Concert Software \n\n1.0.0 through 2.0.0\u00a0could allow a local user to obtain sensitive information from buffers due to improper clearing of heap memory before release.",
"id": "GHSA-jv3g-9hqj-vhvv",
"modified": "2025-10-31T21:30:59Z",
"published": "2025-10-28T15:30:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-36083"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7249356"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-MRRQ-9GCX-WV49
Vulnerability from github – Published: 2025-12-26 15:30 – Updated: 2025-12-26 15:30IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper clearing of heap memory.
{
"affected": [],
"aliases": [
"CVE-2025-1721"
],
"database_specific": {
"cwe_ids": [
"CWE-244"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-26T13:15:46Z",
"severity": "MODERATE"
},
"details": "IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper clearing of heap memory.",
"id": "GHSA-mrrq-9gcx-wv49",
"modified": "2025-12-26T15:30:17Z",
"published": "2025-12-26T15:30:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1721"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7255549"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.