Common Weakness Enumeration

CWE-401

Allowed

Missing Release of Memory after Effective Lifetime

Abstraction: Variant · Status: Draft

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

2002 vulnerabilities reference this CWE, most recent first.

GHSA-M625-4J2W-4X6F

Vulnerability from github – Published: 2025-03-18 21:32 – Updated: 2025-03-18 21:32
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

mt76: mt7915: fix possible memory leak in mt7915_mcu_add_sta

Free allocated skb in mt7915_mcu_add_sta routine in case of failures.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-49230"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-26T07:01:00Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmt76: mt7915: fix possible memory leak in mt7915_mcu_add_sta\n\nFree allocated skb in mt7915_mcu_add_sta routine in case of failures.",
  "id": "GHSA-m625-4j2w-4x6f",
  "modified": "2025-03-18T21:32:00Z",
  "published": "2025-03-18T21:32:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49230"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a43736cd12d82913102eb49cb56787a5553e028f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b334a245ff1d76b1e97af8cea648ea6798b9eb87"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/daf02c7e3c3dc82ffa925999597bd455cf799551"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M6C2-FR93-335H

Vulnerability from github – Published: 2025-05-02 18:31 – Updated: 2025-11-12 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

interconnect: fix mem leak when freeing nodes

The node link array is allocated when adding links to a node but is not deallocated when nodes are destroyed.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-53096"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-02T16:15:28Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ninterconnect: fix mem leak when freeing nodes\n\nThe node link array is allocated when adding links to a node but is not\ndeallocated when nodes are destroyed.",
  "id": "GHSA-m6c2-fr93-335h",
  "modified": "2025-11-12T21:31:01Z",
  "published": "2025-05-02T18:31:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53096"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2e0b13a1827229a02abef97b50ffaf89ba25370a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3167306455d0fbbbcf08cb25651acc527a86a95e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a5904f415e1af72fa8fe6665aa4f554dc2099a95"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c1722e4113281fb34e5b4fb5c5387b17cd39a537"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/efae80ca13faa94457208852825731da44a788ad"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f1e3a20c60196c37a402c584d0c9de306ba988ce"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M6C5-JHRW-6658

Vulnerability from github – Published: 2025-05-01 15:31 – Updated: 2025-11-07 18:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

perf/x86/amd/uncore: Fix memory leak for events array

When a CPU comes online, the per-CPU NB and LLC uncore contexts are freed but not the events array within the context structure. This causes a memory leak as identified by the kmemleak detector.

[...] unreferenced object 0xffff8c5944b8e320 (size 32): comm "swapper/0", pid 1, jiffies 4294670387 (age 151.072s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<000000000759fb79>] amd_uncore_cpu_up_prepare+0xaf/0x230 [<00000000ddc9e126>] cpuhp_invoke_callback+0x2cf/0x470 [<0000000093e727d4>] cpuhp_issue_call+0x14d/0x170 [<0000000045464d54>] __cpuhp_setup_state_cpuslocked+0x11e/0x330 [<0000000069f67cbd>] __cpuhp_setup_state+0x6b/0x110 [<0000000015365e0f>] amd_uncore_init+0x260/0x321 [<00000000089152d2>] do_one_initcall+0x3f/0x1f0 [<000000002d0bd18d>] kernel_init_freeable+0x1ca/0x212 [<0000000030be8dde>] kernel_init+0x11/0x120 [<0000000059709e59>] ret_from_fork+0x22/0x30 unreferenced object 0xffff8c5944b8dd40 (size 64): comm "swapper/0", pid 1, jiffies 4294670387 (age 151.072s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000306efe8b>] amd_uncore_cpu_up_prepare+0x183/0x230 [<00000000ddc9e126>] cpuhp_invoke_callback+0x2cf/0x470 [<0000000093e727d4>] cpuhp_issue_call+0x14d/0x170 [<0000000045464d54>] __cpuhp_setup_state_cpuslocked+0x11e/0x330 [<0000000069f67cbd>] __cpuhp_setup_state+0x6b/0x110 [<0000000015365e0f>] amd_uncore_init+0x260/0x321 [<00000000089152d2>] do_one_initcall+0x3f/0x1f0 [<000000002d0bd18d>] kernel_init_freeable+0x1ca/0x212 [<0000000030be8dde>] kernel_init+0x11/0x120 [<0000000059709e59>] ret_from_fork+0x22/0x30 [...]

Fix the problem by freeing the events array before freeing the uncore context.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-49784"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-01T15:16:01Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/amd/uncore: Fix memory leak for events array\n\nWhen a CPU comes online, the per-CPU NB and LLC uncore contexts are\nfreed but not the events array within the context structure. This\ncauses a memory leak as identified by the kmemleak detector.\n\n  [...]\n  unreferenced object 0xffff8c5944b8e320 (size 32):\n    comm \"swapper/0\", pid 1, jiffies 4294670387 (age 151.072s)\n    hex dump (first 32 bytes):\n      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n    backtrace:\n      [\u003c000000000759fb79\u003e] amd_uncore_cpu_up_prepare+0xaf/0x230\n      [\u003c00000000ddc9e126\u003e] cpuhp_invoke_callback+0x2cf/0x470\n      [\u003c0000000093e727d4\u003e] cpuhp_issue_call+0x14d/0x170\n      [\u003c0000000045464d54\u003e] __cpuhp_setup_state_cpuslocked+0x11e/0x330\n      [\u003c0000000069f67cbd\u003e] __cpuhp_setup_state+0x6b/0x110\n      [\u003c0000000015365e0f\u003e] amd_uncore_init+0x260/0x321\n      [\u003c00000000089152d2\u003e] do_one_initcall+0x3f/0x1f0\n      [\u003c000000002d0bd18d\u003e] kernel_init_freeable+0x1ca/0x212\n      [\u003c0000000030be8dde\u003e] kernel_init+0x11/0x120\n      [\u003c0000000059709e59\u003e] ret_from_fork+0x22/0x30\n  unreferenced object 0xffff8c5944b8dd40 (size 64):\n    comm \"swapper/0\", pid 1, jiffies 4294670387 (age 151.072s)\n    hex dump (first 32 bytes):\n      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n    backtrace:\n      [\u003c00000000306efe8b\u003e] amd_uncore_cpu_up_prepare+0x183/0x230\n      [\u003c00000000ddc9e126\u003e] cpuhp_invoke_callback+0x2cf/0x470\n      [\u003c0000000093e727d4\u003e] cpuhp_issue_call+0x14d/0x170\n      [\u003c0000000045464d54\u003e] __cpuhp_setup_state_cpuslocked+0x11e/0x330\n      [\u003c0000000069f67cbd\u003e] __cpuhp_setup_state+0x6b/0x110\n      [\u003c0000000015365e0f\u003e] amd_uncore_init+0x260/0x321\n      [\u003c00000000089152d2\u003e] do_one_initcall+0x3f/0x1f0\n      [\u003c000000002d0bd18d\u003e] kernel_init_freeable+0x1ca/0x212\n      [\u003c0000000030be8dde\u003e] kernel_init+0x11/0x120\n      [\u003c0000000059709e59\u003e] ret_from_fork+0x22/0x30\n  [...]\n\nFix the problem by freeing the events array before freeing the uncore\ncontext.",
  "id": "GHSA-m6c5-jhrw-6658",
  "modified": "2025-11-07T18:30:25Z",
  "published": "2025-05-01T15:31:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49784"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bdfe34597139cfcecd47a2eb97fea44d77157491"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f75be9885d49e3717de962345c4572ddab52b178"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M6HQ-P25P-FFR2

Vulnerability from github – Published: 2025-11-06 23:32 – Updated: 2025-11-07 16:42
VLAI
Summary
containerd CRI server: Host memory exhaustion through Attach goroutine leak
Details

Impact

A bug was found in containerd's CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks.

Repetitive calls of CRI Attach (e.g., kubectl attach) could increase the memory usage of containerd.

Patches

This bug has been fixed in the following containerd versions:

  • 2.2.0
  • 2.1.5
  • 2.0.7
  • 1.7.29

Users should update to these versions to resolve the issue.

Workarounds

Set up an admission controller to control accesses to pods/attach resources. e.g., Validating Admission Policy.

Credits

The containerd project would like to thank @Wheat2018 for responsibly disclosing this issue in accordance with the containerd security policy.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64329

For more information

If you have any questions or comments about this advisory:

To report a security issue in containerd:

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/containerd/containerd"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.7.29"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/containerd/containerd/v2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.0.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/containerd/containerd/v2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.1.0-beta.0"
            },
            {
              "fixed": "2.1.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/containerd/containerd/v2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.2.0-beta.0"
            },
            {
              "fixed": "2.2.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-64329"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-11-06T23:32:23Z",
    "nvd_published_at": "2025-11-07T05:16:08Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nA bug was found in containerd\u0027s CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. \n\nRepetitive calls of CRI Attach (e.g., [`kubectl attach`](https://kubernetes.io/docs/reference/kubectl/generated/kubectl_attach/)) could increase the memory usage of containerd.\n\n### Patches\n\nThis bug has been fixed in the following containerd versions:\n\n* 2.2.0\n* 2.1.5\n* 2.0.7\n* 1.7.29\n\nUsers should update to these versions to resolve the issue.\n\n### Workarounds\n\nSet up an admission controller to control accesses to `pods/attach` resources.\ne.g., [Validating Admission Policy](https://kubernetes.io/docs/reference/access-authn-authz/validating-admission-policy/).\n\n### Credits\n\nThe containerd project would like to thank @Wheat2018 for responsibly disclosing this issue in accordance with the [containerd security policy](https://github.com/containerd/project/blob/main/SECURITY.md).\n\n### References\n\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64329\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n* Open an issue in [containerd](https://github.com/containerd/containerd/issues/new/choose)\n* Email us at [security@containerd.io](mailto:security@containerd.io)\n\nTo report a security issue in containerd:\n\n* [Report a new vulnerability](https://github.com/containerd/containerd/security/advisories/new)",
  "id": "GHSA-m6hq-p25p-ffr2",
  "modified": "2025-11-07T16:42:55Z",
  "published": "2025-11-06T23:32:23Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/containerd/containerd/security/advisories/GHSA-m6hq-p25p-ffr2"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64329"
    },
    {
      "type": "WEB",
      "url": "https://github.com/containerd/containerd/commit/083b53cd6f19b5de7717b0ce92c11bdf95e612df"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/containerd/containerd"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "containerd CRI server: Host memory exhaustion through Attach goroutine leak"
}

GHSA-M6R5-JQQX-XRRW

Vulnerability from github – Published: 2022-04-29 02:57 – Updated: 2022-04-29 02:57
VLAI
Details

Multiple memory leaks in isakmpd in OpenBSD 3.4 and earlier allow remote attackers to cause a denial of service (memory exhaustion) via certain ISAKMP packets, as demonstrated by the Striker ISAKMP Protocol Test Suite.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2004-0222"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2004-05-04T04:00:00Z",
    "severity": "MODERATE"
  },
  "details": "Multiple memory leaks in isakmpd in OpenBSD 3.4 and earlier allow remote attackers to cause a denial of service (memory exhaustion) via certain ISAKMP packets, as demonstrated by the Striker ISAKMP Protocol Test Suite.",
  "id": "GHSA-m6r5-jqqx-xrrw",
  "modified": "2022-04-29T02:57:21Z",
  "published": "2022-04-29T02:57:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0222"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15519"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=108008530028019\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/996177"
    },
    {
      "type": "WEB",
      "url": "http://www.openbsd.org/errata.html"
    },
    {
      "type": "WEB",
      "url": "http://www.rapid7.com/advisories/R7-0018.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/10032"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/alerts/2004/Mar/1009468.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-M7P3-G2HX-XFC3

Vulnerability from github – Published: 2023-09-25 18:30 – Updated: 2023-12-10 12:30
VLAI
Details

A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-5156"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-09-25T16:15:15Z",
    "severity": "HIGH"
  },
  "details": "A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.",
  "id": "GHSA-m7p3-g2hx-xfc3",
  "modified": "2023-12-10T12:30:19Z",
  "published": "2023-09-25T18:30:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5156"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2023-5156"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240541"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202402-01"
    },
    {
      "type": "WEB",
      "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30884"
    },
    {
      "type": "WEB",
      "url": "https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebeda2d7264cc184a796"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2023/10/03/4"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2023/10/03/5"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2023/10/03/6"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2023/10/03/8"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M7R4-7FMR-P48C

Vulnerability from github – Published: 2022-05-24 19:02 – Updated: 2026-06-02 21:30
VLAI
Details

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 4). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-27386"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119",
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-05-12T14:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced (All versions \u003c V16 Update 4). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition.",
  "id": "GHSA-m7r4-7fmr-p48c",
  "modified": "2026-06-02T21:30:33Z",
  "published": "2022-05-24T19:02:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27386"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "type": "WEB",
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M832-5XWV-5C23

Vulnerability from github – Published: 2022-05-13 01:13 – Updated: 2022-05-13 01:13
VLAI
Details

Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-5579"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-03-15T15:59:00Z",
    "severity": "MODERATE"
  },
  "details": "Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.",
  "id": "GHSA-m832-5xwv-5c23",
  "modified": "2022-05-13T01:13:42Z",
  "published": "2022-05-13T01:13:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5579"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2017:2392"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2017:2408"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2017-5579"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416157"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201702-28"
    },
    {
      "type": "WEB",
      "url": "http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=8409dc884a201bf74b30a9d232b6bbdd00cb7e2b"
    },
    {
      "type": "WEB",
      "url": "http://git.qemu-project.org/?p=qemu.git;a=commit;h=8409dc884a201bf74b30a9d232b6bbdd00cb7e2b"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2017/01/24/8"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2017/01/25/3"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/95780"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M85G-MHQP-WCWM

Vulnerability from github – Published: 2022-05-24 17:05 – Updated: 2023-01-20 21:30
VLAI
Details

In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-20096"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-12-30T05:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b.",
  "id": "GHSA-m85g-mhqp-wcwm",
  "modified": "2023-01-20T21:30:28Z",
  "published": "2022-05-24T17:05:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20096"
    },
    {
      "type": "WEB",
      "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1d3ff0950e2b40dc861b1739029649d03f591820"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4285-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4286-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4286-2"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4287-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4287-2"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M87C-PC83-WRFV

Vulnerability from github – Published: 2024-11-07 12:30 – Updated: 2025-11-04 00:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

be2net: fix potential memory leak in be_xmit()

The be_xmit() returns NETDEV_TX_OK without freeing skb in case of be_xmit_enqueue() fails, add dev_kfree_skb_any() to fix it.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-50167"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-07T10:15:07Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nbe2net: fix potential memory leak in be_xmit()\n\nThe be_xmit() returns NETDEV_TX_OK without freeing skb\nin case of be_xmit_enqueue() fails, add dev_kfree_skb_any() to fix it.",
  "id": "GHSA-m87c-pc83-wrfv",
  "modified": "2025-11-04T00:31:57Z",
  "published": "2024-11-07T12:30:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50167"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4c5f170ef4f85731a4d43ad9a6ac51106c0946be"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/641c1beed52bf3c6deb0193fe4d38ec9ff75d2ae"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6b7ce8ee01c33c380aaa5077ff25215492e7eb0e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/77bc881d370e850b7f3cd2b5eae67d596b40efbc"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/919ab6e2370289a2748780f44a43333cd3878aa7"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/941026023c256939943a47d1c66671526befbb26"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e4dd8bfe0f6a23acd305f9b892c00899089bd621"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e86a79b804e26e3b7f1e415b22a085c0bb7ea3d3"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-41
Implementation

Strategy: Libraries or Frameworks

  • Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
  • For example, glibc in Linux provides protection against free of invalid pointers.
  • When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
  • To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Architecture and Design

Use an abstraction library to abstract away risky APIs. Not a complete solution.

Mitigation
Architecture and Design Build and Compilation

Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.

No CAPEC attack patterns related to this CWE.