Common Weakness Enumeration

CWE-401

Allowed

Missing Release of Memory after Effective Lifetime

Abstraction: Variant · Status: Draft

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

2002 vulnerabilities reference this CWE, most recent first.

GHSA-MHP8-P4CM-Q5RH

Vulnerability from github – Published: 2024-09-04 21:30 – Updated: 2024-10-10 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/xe: Fix missing workqueue destroy in xe_gt_pagefault

On driver reload we never free up the memory for the pagefault and access counter workqueues. Add those destroy calls here.

(cherry picked from commit 7586fc52b14e0b8edd0d1f8a434e0de2078b7b2b)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-44979"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-04T20:15:07Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Fix missing workqueue destroy in xe_gt_pagefault\n\nOn driver reload we never free up the memory for the pagefault and\naccess counter workqueues. Add those destroy calls here.\n\n(cherry picked from commit 7586fc52b14e0b8edd0d1f8a434e0de2078b7b2b)",
  "id": "GHSA-mhp8-p4cm-q5rh",
  "modified": "2024-10-10T18:31:08Z",
  "published": "2024-09-04T21:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-44979"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a6f78359ac75f24cac3c1bdd753c49c1877bcd82"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b09ef3b762a7fc641fb2f89afd3ebdb65b8ba1b9"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MHQ7-M27C-9QJM

Vulnerability from github – Published: 2022-05-24 17:36 – Updated: 2022-09-03 00:00
VLAI
Details

Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-26419"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-12-11T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file.",
  "id": "GHSA-mhq7-m27c-9qjm",
  "modified": "2022-09-03T00:00:23Z",
  "published": "2022-05-24T17:36:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26419"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26419.json"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/wireshark/wireshark/-/issues/17032"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M75HYXU36SP6GHIDPHNZGJKEO6TX4C4Y"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHWDZPWQJMLK64VFDWJC5SEGPNH6Y72Z"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202101-12"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
    },
    {
      "type": "WEB",
      "url": "https://www.wireshark.org/security/wnpa-sec-2020-19.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MHX5-8P5W-32CQ

Vulnerability from github – Published: 2025-09-17 15:30 – Updated: 2025-12-11 18:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

accel/habanalabs: fix mem leak in capture user mappings

This commit fixes a memory leak caused when clearing the user_mappings info when a new context is opened immediately after user_mapping is captured and a hard reset is performed.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-53367"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-17T15:15:41Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/habanalabs: fix mem leak in capture user mappings\n\nThis commit fixes a memory leak caused when clearing the user_mappings\ninfo when a new context is opened immediately after user_mapping is\ncaptured and a hard reset is performed.",
  "id": "GHSA-mhx5-8p5w-32cq",
  "modified": "2025-12-11T18:30:32Z",
  "published": "2025-09-17T15:30:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53367"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/314a7ffd7c196b27eedd50cb7553029e17789b55"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/973e0890e5264cb075ef668661cad06b67777121"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MHXQ-J55C-Q97G

Vulnerability from github – Published: 2022-05-13 01:09 – Updated: 2022-05-13 01:09
VLAI
Details

UltraVNC revision 1198 contains multiple memory leaks (CWE-655) in VNC client code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1199.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-8259"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-03-05T15:29:00Z",
    "severity": "HIGH"
  },
  "details": "UltraVNC revision 1198 contains multiple memory leaks (CWE-655) in VNC client code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1199.",
  "id": "GHSA-mhxq-j55c-q97g",
  "modified": "2022-05-13T01:09:07Z",
  "published": "2022-05-13T01:09:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8259"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-005-ultravnc-memory-leak"
    },
    {
      "type": "WEB",
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
    },
    {
      "type": "WEB",
      "url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MJ8R-4VP9-FX97

Vulnerability from github – Published: 2026-03-04 18:31 – Updated: 2026-03-04 18:31
VLAI
Details

A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device that may also impact the availability of services to devices elsewhere in the network.

This vulnerability is due to memory exhaustion caused by not freeing memory during IKEv2 packet processing. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device. A successful exploit could allow the attacker to exhaust resources, causing a DoS condition that will eventually require the device to manually reload.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-20013"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-04T18:16:15Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device that may also impact the availability of services to devices elsewhere in the network.\n\n This vulnerability is due to memory exhaustion caused by not freeing memory during IKEv2 packet processing. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device. A successful exploit could allow the attacker to exhaust resources, causing a DoS condition that will eventually require the device to manually reload.",
  "id": "GHSA-mj8r-4vp9-fx97",
  "modified": "2026-03-04T18:31:54Z",
  "published": "2026-03-04T18:31:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20013"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ikev2-dos-eBueGdEG"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MJ94-G7GV-R97M

Vulnerability from github – Published: 2025-09-18 18:30 – Updated: 2026-02-06 18:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

fbdev: fbcon: release buffer when fbcon_do_set_font() failed

syzbot is reporting memory leak at fbcon_do_set_font() [1], for commit a5a923038d70 ("fbdev: fbcon: Properly revert changes when vc_resize() failed") missed that the buffer might be newly allocated by fbcon_set_font().

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-50404"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-18T16:15:43Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: fbcon: release buffer when fbcon_do_set_font() failed\n\nsyzbot is reporting memory leak at fbcon_do_set_font() [1], for\ncommit a5a923038d70 (\"fbdev: fbcon: Properly revert changes when\nvc_resize() failed\") missed that the buffer might be newly allocated\nby fbcon_set_font().",
  "id": "GHSA-mj94-g7gv-r97m",
  "modified": "2026-02-06T18:30:27Z",
  "published": "2025-09-18T18:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50404"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/06926607b9fddf7ce8017493899ce6eb7e79a123"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3c3bfb8586f848317ceba5d777e11204ba3e5758"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5a341810a22e51c3a7a108f7896b5fd58d44d127"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/88ec6d11052da527eb9268831e7a9bc5bbad02f6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a609bfc1e644a8467cb31945ed1488374ebdc013"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MJH6-2QQ4-FP8M

Vulnerability from github – Published: 2026-05-27 15:33 – Updated: 2026-06-25 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

iio: sca3000: Fix a resource leak in sca3000_probe()

spi->irq from request_threaded_irq() not released when iio_device_register() fails. Add an return value check and jump to a common error handler when iio_device_register() fails.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-45883"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-27T14:17:02Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: sca3000: Fix a resource leak in sca3000_probe()\n\nspi-\u003eirq from request_threaded_irq() not released when\niio_device_register() fails. Add an return value check and jump to a\ncommon error handler when iio_device_register() fails.",
  "id": "GHSA-mjh6-2qq4-fp8m",
  "modified": "2026-06-25T21:31:20Z",
  "published": "2026-05-27T15:33:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45883"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/103ac8e3a7f345a0966ef582b8a874ac31a92c7c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/40c860ece22542178cddcf01b08644bcdbc597b3"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/517d9f2b963089b3d64c23accf7920d77f5a30c8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/55e13abf22c27a3b0ab5cf941dd07a2d9786736c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/597d749c5180f3e351837e851a6131b140324e9f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/62b44ebc1f2c71db3ca2d4737c52e433f6f03038"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/84d3c396d8ae73c24dececfcc4e544ea09311e32"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e8e960c3d23fdb4882d70d34ce762368da0f1427"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MM8H-H7MM-PWWR

Vulnerability from github – Published: 2024-07-29 15:30 – Updated: 2025-09-25 21:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

s390/mm: Fix VM_FAULT_HWPOISON handling in do_exception()

There is no support for HWPOISON, MEMORY_FAILURE, or ARCH_HAS_COPY_MC on s390. Therefore we do not expect to see VM_FAULT_HWPOISON in do_exception().

However, since commit af19487f00f3 ("mm: make PTE_MARKER_SWAPIN_ERROR more general"), it is possible to see VM_FAULT_HWPOISON in combination with PTE_MARKER_POISONED, even on architectures that do not support HWPOISON otherwise. In this case, we will end up on the BUG() in do_exception().

Fix this by treating VM_FAULT_HWPOISON the same as VM_FAULT_SIGBUS, similar to x86 when MEMORY_FAILURE is not configured. Also print unexpected fault flags, for easier debugging.

Note that VM_FAULT_HWPOISON_LARGE is not expected, because s390 cannot support swap entries on other levels than PTE level.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-41021"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-29T14:15:03Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/mm: Fix VM_FAULT_HWPOISON handling in do_exception()\n\nThere is no support for HWPOISON, MEMORY_FAILURE, or ARCH_HAS_COPY_MC on\ns390. Therefore we do not expect to see VM_FAULT_HWPOISON in\ndo_exception().\n\nHowever, since commit af19487f00f3 (\"mm: make PTE_MARKER_SWAPIN_ERROR more\ngeneral\"), it is possible to see VM_FAULT_HWPOISON in combination with\nPTE_MARKER_POISONED, even on architectures that do not support HWPOISON\notherwise. In this case, we will end up on the BUG() in do_exception().\n\nFix this by treating VM_FAULT_HWPOISON the same as VM_FAULT_SIGBUS, similar\nto x86 when MEMORY_FAILURE is not configured. Also print unexpected fault\nflags, for easier debugging.\n\nNote that VM_FAULT_HWPOISON_LARGE is not expected, because s390 cannot\nsupport swap entries on other levels than PTE level.",
  "id": "GHSA-mm8h-h7mm-pwwr",
  "modified": "2025-09-25T21:30:19Z",
  "published": "2024-07-29T15:30:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41021"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/73a9260b7366d2906ec011e100319359fe2277d0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9e13767ccefdc4f8aa92514b592b60f6b54882ff"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a3aefb871222a9880602d1a44a558177b4143e3b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/df39038cd89525d465c2c8827eb64116873f141a"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MM94-82MX-J73H

Vulnerability from github – Published: 2022-05-24 17:16 – Updated: 2024-04-01 15:30
VLAI
Details

An issue was discovered in qemuDomainGetStatsIOThread in qemu/qemu_driver.c in libvirt 4.10.0 though 6.x before 6.1.0. A memory leak was found in the virDomainListGetStats libvirt API that is responsible for retrieving domain statistics when managing QEMU guests. This flaw allows unprivileged users with a read-only connection to cause a memory leak in the domstats command, resulting in a potential denial of service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-12430"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-04-28T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in qemuDomainGetStatsIOThread in qemu/qemu_driver.c in libvirt 4.10.0 though 6.x before 6.1.0. A memory leak was found in the virDomainListGetStats libvirt API that is responsible for retrieving domain statistics when managing QEMU guests. This flaw allows unprivileged users with a read-only connection to cause a memory leak in the domstats command, resulting in a potential denial of service.",
  "id": "GHSA-mm94-82mx-j73h",
  "modified": "2024-04-01T15:30:27Z",
  "published": "2022-05-24T17:16:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12430"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1804548"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828190"
    },
    {
      "type": "WEB",
      "url": "https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=9bf9e0ae6af38c806f4672ca7b12a6b38d5a9581"
    },
    {
      "type": "WEB",
      "url": "https://libvirt.org/git/?p=libvirt.git;a=commit;h=9bf9e0ae6af38c806f4672ca7b12a6b38d5a9581"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D5GE6ISYUL3CIWO3FQRUGMKTKP2NYED2"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5GE6ISYUL3CIWO3FQRUGMKTKP2NYED2"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20200518-0003"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4371-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MMC5-HGPC-M8Q5

Vulnerability from github – Published: 2024-01-02 21:30 – Updated: 2024-04-25 18:30
VLAI
Details

A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-7192"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401",
      "CWE-402"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-02T19:15:11Z",
    "severity": "MODERATE"
  },
  "details": "A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow.",
  "id": "GHSA-mmc5-hgpc-m8q5",
  "modified": "2024-04-25T18:30:38Z",
  "published": "2024-01-02T21:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-7192"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:0723"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:0725"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:1188"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:1250"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:1306"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:1367"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:1382"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:1404"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:2006"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:2008"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2023-7192"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256279"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=ac4893980bbe79ce383daf9a0885666a30fe4c83"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-41
Implementation

Strategy: Libraries or Frameworks

  • Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
  • For example, glibc in Linux provides protection against free of invalid pointers.
  • When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
  • To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Architecture and Design

Use an abstraction library to abstract away risky APIs. Not a complete solution.

Mitigation
Architecture and Design Build and Compilation

Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.

No CAPEC attack patterns related to this CWE.