Common Weakness Enumeration

CWE-401

Allowed

Missing Release of Memory after Effective Lifetime

Abstraction: Variant · Status: Draft

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

2002 vulnerabilities reference this CWE, most recent first.

GHSA-Q3H3-6F9F-6Q98

Vulnerability from github – Published: 2025-09-15 15:31 – Updated: 2025-12-02 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

clk: socfpga: Fix memory leak in socfpga_gate_init()

Free @socfpga_clk and @ops on the error path to avoid memory leak issue.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-50264"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-15T15:15:36Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: socfpga: Fix memory leak in socfpga_gate_init()\n\nFree @socfpga_clk and @ops on the error path to avoid memory leak issue.",
  "id": "GHSA-q3h3-6f9f-6q98",
  "modified": "2025-12-02T21:31:25Z",
  "published": "2025-09-15T15:31:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50264"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0b8ba891ad4d1ef6bfa4c72efc83f9f9f855f68b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3e8fd1d0fab4d5c9a50d225dddc207deac12f13a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6f2198914fb9aac286a6ff6cf09b23752141e04f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9de42116fc4540f6a1ceb51fd037b734ab7be12e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9f9bb9f5ba9fd501a90f255eb746b4cf2ceeaaae"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bd72ab5e6fc1c4d3e6b84636141d26a41b977b03"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-Q3X4-7J6P-FJ5F

Vulnerability from github – Published: 2025-09-23 15:31 – Updated: 2025-09-23 15:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

mxser: fix xmit_buf leak in activate when LSR == 0xff

When LSR is 0xff in ->activate() (rather unlike), we return an error. Provided ->shutdown() is not called when ->activate() fails, nothing actually frees the buffer in this case.

Fix this by properly freeing the buffer in a designated label. We jump there also from the "!info->type" if now too.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-49191"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-26T07:00:56Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmxser: fix xmit_buf leak in activate when LSR == 0xff\n\nWhen LSR is 0xff in -\u003eactivate() (rather unlike), we return an error.\nProvided -\u003eshutdown() is not called when -\u003eactivate() fails, nothing\nactually frees the buffer in this case.\n\nFix this by properly freeing the buffer in a designated label. We jump\nthere also from the \"!info-\u003etype\" if now too.",
  "id": "GHSA-q3x4-7j6p-fj5f",
  "modified": "2025-09-23T15:31:08Z",
  "published": "2025-09-23T15:31:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49191"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/125b7c929fc9b1e5eaa344bceb6367dfa6fd3f9d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2cd05c38a27bee7fb42aa4d43174d68ac55dac0f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/376922045009f8ea2d20a8fa3475e95b47c41690"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/685b6d16bf89595310b5d61394c9b97cc9505c7c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6c9041b2f90c0eace73106f22350e1d2c98f5edc"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6dffc2035fbaada60ca8db59e0962e34f760370a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/996291d06851a26678a0fab488b6e1f0677c0576"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b125b08dbee3611f03f53b71471813ed4ccafcdd"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cd3a4907ee334b40d7aa880c7ab310b154fd5cd4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-Q44G-G8VQ-63RX

Vulnerability from github – Published: 2025-09-23 21:30 – Updated: 2025-09-23 21:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/pm: fix a potential gpu_metrics_table memory leak

Memory is allocated for gpu_metrics_table in renoir_init_smc_tables(), but not freed in int smu_v12_0_fini_smc_tables(). Free it!

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-47658"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-26T06:37:07Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: fix a potential gpu_metrics_table memory leak\n\nMemory is allocated for gpu_metrics_table in renoir_init_smc_tables(),\nbut not freed in int smu_v12_0_fini_smc_tables(). Free it!",
  "id": "GHSA-q44g-g8vq-63rx",
  "modified": "2025-09-23T21:30:53Z",
  "published": "2025-09-23T21:30:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47658"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/583637d66a70fc7090e12fb0ebbacc33d39e2214"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-Q49R-X4CQ-74FC

Vulnerability from github – Published: 2025-05-02 18:31 – Updated: 2025-11-10 18:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: core: Remove the /proc/scsi/${proc_name} directory earlier

Remove the /proc/scsi/${proc_name} directory earlier to fix a race condition between unloading and reloading kernel modules. This fixes a bug introduced in 2009 by commit 77c019768f06 ("[SCSI] fix /proc memory leak in the SCSI core").

Fix the following kernel warning:

proc_dir_entry 'scsi/scsi_debug' already registered WARNING: CPU: 19 PID: 27986 at fs/proc/generic.c:376 proc_register+0x27d/0x2e0 Call Trace: proc_mkdir+0xb5/0xe0 scsi_proc_hostdir_add+0xb5/0x170 scsi_host_alloc+0x683/0x6c0 sdebug_driver_probe+0x6b/0x2d0 [scsi_debug] really_probe+0x159/0x540 __driver_probe_device+0xdc/0x230 driver_probe_device+0x4f/0x120 __device_attach_driver+0xef/0x180 bus_for_each_drv+0xe5/0x130 __device_attach+0x127/0x290 device_initial_probe+0x17/0x20 bus_probe_device+0x110/0x130 device_add+0x673/0xc80 device_register+0x1e/0x30 sdebug_add_host_helper+0x1a7/0x3b0 [scsi_debug] scsi_debug_init+0x64f/0x1000 [scsi_debug] do_one_initcall+0xd7/0x470 do_init_module+0xe7/0x330 load_module+0x122a/0x12c0 __do_sys_finit_module+0x124/0x1a0 __x64_sys_finit_module+0x46/0x50 do_syscall_64+0x38/0x80 entry_SYSCALL_64_after_hwframe+0x46/0xb0

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-53140"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-02T16:15:32Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Remove the /proc/scsi/${proc_name} directory earlier\n\nRemove the /proc/scsi/${proc_name} directory earlier to fix a race\ncondition between unloading and reloading kernel modules. This fixes a bug\nintroduced in 2009 by commit 77c019768f06 (\"[SCSI] fix /proc memory leak in\nthe SCSI core\").\n\nFix the following kernel warning:\n\nproc_dir_entry \u0027scsi/scsi_debug\u0027 already registered\nWARNING: CPU: 19 PID: 27986 at fs/proc/generic.c:376 proc_register+0x27d/0x2e0\nCall Trace:\n proc_mkdir+0xb5/0xe0\n scsi_proc_hostdir_add+0xb5/0x170\n scsi_host_alloc+0x683/0x6c0\n sdebug_driver_probe+0x6b/0x2d0 [scsi_debug]\n really_probe+0x159/0x540\n __driver_probe_device+0xdc/0x230\n driver_probe_device+0x4f/0x120\n __device_attach_driver+0xef/0x180\n bus_for_each_drv+0xe5/0x130\n __device_attach+0x127/0x290\n device_initial_probe+0x17/0x20\n bus_probe_device+0x110/0x130\n device_add+0x673/0xc80\n device_register+0x1e/0x30\n sdebug_add_host_helper+0x1a7/0x3b0 [scsi_debug]\n scsi_debug_init+0x64f/0x1000 [scsi_debug]\n do_one_initcall+0xd7/0x470\n do_init_module+0xe7/0x330\n load_module+0x122a/0x12c0\n __do_sys_finit_module+0x124/0x1a0\n __x64_sys_finit_module+0x46/0x50\n do_syscall_64+0x38/0x80\n entry_SYSCALL_64_after_hwframe+0x46/0xb0",
  "id": "GHSA-q49r-x4cq-74fc",
  "modified": "2025-11-10T18:30:30Z",
  "published": "2025-05-02T18:31:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53140"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/13daafe1e209b03e9bda16ff2bd2b2da145a139b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/17e98a5ede81b7696bec421f7afa2dfe467f5e6b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1ec363599f8346d5a8d08c71a0d9860d6c420ec0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6b223e32d66ca9db1f252f433514783d8b22a8e1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/891a3cba425cf483d96facca55aebd6ff1da4338"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e471e928de97b00f297ad1015cc14f9459765713"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fc663711b94468f4e1427ebe289c9f05669699c9"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-Q542-6QVR-358J

Vulnerability from github – Published: 2025-06-18 12:30 – Updated: 2025-11-17 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

apparmor: Fix memleak in aa_simple_write_to_buffer()

When copy_from_user failed, the memory is freed by kvfree. however the management struct and data blob are allocated independently, so only kvfree(data) cause a memleak issue here. Use aa_put_loaddata(data) to fix this issue.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-50074"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-18T11:15:36Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: Fix memleak in aa_simple_write_to_buffer()\n\nWhen copy_from_user failed, the memory is freed by kvfree. however the\nmanagement struct and data blob are allocated independently, so only\nkvfree(data) cause a memleak issue here. Use aa_put_loaddata(data) to\nfix this issue.",
  "id": "GHSA-q542-6qvr-358j",
  "modified": "2025-11-17T21:31:17Z",
  "published": "2025-06-18T12:30:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50074"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/417ea9fe972d2654a268ad66e89c8fcae67017c3"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6500eb3a48ac221051b1791818a1ac74744ef617"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6583edbf459de2e06b9759f264c0ae27e452b97a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7db182a2ebeefded86fea542fcc5d6a68bb77f58"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8aab4295582eb397a125d2788b829fa62b88dbf7"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bf7ebebce2c25071c719fd8a2f1307e0c243c2d7"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-Q54V-653W-2V9V

Vulnerability from github – Published: 2024-04-10 21:30 – Updated: 2025-01-14 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5e: CT, Fix multiple allocations and memleak of mod acts

CT clear action offload adds additional mod hdr actions to the flow's original mod actions in order to clear the registers which hold ct_state. When such flow also includes encap action, a neigh update event can cause the driver to unoffload the flow and then reoffload it.

Each time this happens, the ct clear handling adds that same set of mod hdr actions to reset ct_state until the max of mod hdr actions is reached.

Also the driver never releases the allocated mod hdr actions and causing a memleak.

Fix above two issues by moving CT clear mod acts allocation into the parsing actions phase and only use it when offloading the rule. The release of mod acts will be done in the normal flow_put().

backtrace: [<000000007316e2f3>] krealloc+0x83/0xd0 [<00000000ef157de1>] mlx5e_mod_hdr_alloc+0x147/0x300 [mlx5_core] [<00000000970ce4ae>] mlx5e_tc_match_to_reg_set_and_get_id+0xd7/0x240 [mlx5_core] [<0000000067c5fa17>] mlx5e_tc_match_to_reg_set+0xa/0x20 [mlx5_core] [<00000000d032eb98>] mlx5_tc_ct_entry_set_registers.isra.0+0x36/0xc0 [mlx5_core] [<00000000fd23b869>] mlx5_tc_ct_flow_offload+0x272/0x1f10 [mlx5_core] [<000000004fc24acc>] mlx5e_tc_offload_fdb_rules.part.0+0x150/0x620 [mlx5_core] [<00000000dc741c17>] mlx5e_tc_encap_flows_add+0x489/0x690 [mlx5_core] [<00000000e92e49d7>] mlx5e_rep_update_flows+0x6e4/0x9b0 [mlx5_core] [<00000000f60f5602>] mlx5e_rep_neigh_update+0x39a/0x5d0 [mlx5_core]

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-47199"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-10T19:15:48Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: CT, Fix multiple allocations and memleak of mod acts\n\nCT clear action offload adds additional mod hdr actions to the\nflow\u0027s original mod actions in order to clear the registers which\nhold ct_state.\nWhen such flow also includes encap action, a neigh update event\ncan cause the driver to unoffload the flow and then reoffload it.\n\nEach time this happens, the ct clear handling adds that same set\nof mod hdr actions to reset ct_state until the max of mod hdr\nactions is reached.\n\nAlso the driver never releases the allocated mod hdr actions and\ncausing a memleak.\n\nFix above two issues by moving CT clear mod acts allocation\ninto the parsing actions phase and only use it when offloading the rule.\nThe release of mod acts will be done in the normal flow_put().\n\n backtrace:\n    [\u003c000000007316e2f3\u003e] krealloc+0x83/0xd0\n    [\u003c00000000ef157de1\u003e] mlx5e_mod_hdr_alloc+0x147/0x300 [mlx5_core]\n    [\u003c00000000970ce4ae\u003e] mlx5e_tc_match_to_reg_set_and_get_id+0xd7/0x240 [mlx5_core]\n    [\u003c0000000067c5fa17\u003e] mlx5e_tc_match_to_reg_set+0xa/0x20 [mlx5_core]\n    [\u003c00000000d032eb98\u003e] mlx5_tc_ct_entry_set_registers.isra.0+0x36/0xc0 [mlx5_core]\n    [\u003c00000000fd23b869\u003e] mlx5_tc_ct_flow_offload+0x272/0x1f10 [mlx5_core]\n    [\u003c000000004fc24acc\u003e] mlx5e_tc_offload_fdb_rules.part.0+0x150/0x620 [mlx5_core]\n    [\u003c00000000dc741c17\u003e] mlx5e_tc_encap_flows_add+0x489/0x690 [mlx5_core]\n    [\u003c00000000e92e49d7\u003e] mlx5e_rep_update_flows+0x6e4/0x9b0 [mlx5_core]\n    [\u003c00000000f60f5602\u003e] mlx5e_rep_neigh_update+0x39a/0x5d0 [mlx5_core]",
  "id": "GHSA-q54v-653w-2v9v",
  "modified": "2025-01-14T18:31:49Z",
  "published": "2024-04-10T21:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47199"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/486e8de6e233ff2999493533c6259d1cb538653b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/806401c20a0f9c51b6c8fd7035671e6ca841f6c2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-Q553-9XVW-WW8H

Vulnerability from github – Published: 2026-05-01 15:30 – Updated: 2026-05-01 15:30
VLAI
Details

An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5. A Denial of Service can occur via memory exhaustion caused by memory leaks from unauthenticated connections.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-43506"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-01T15:16:52Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5. A Denial of Service can occur via memory exhaustion caused by memory leaks from unauthenticated connections.",
  "id": "GHSA-q553-9xvw-ww8h",
  "modified": "2026-05-01T15:30:38Z",
  "published": "2026-05-01T15:30:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43506"
    },
    {
      "type": "WEB",
      "url": "https://prosody.im/security/advisory_735dd9d3"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2026/05/01/5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-Q59J-53P8-6PMQ

Vulnerability from github – Published: 2022-10-17 12:00 – Updated: 2022-10-19 12:00
VLAI
Details

A vulnerability, which was classified as problematic, was found in Linux Kernel. Affected is the function mptcp_addr_show of the file ip/ipmptcp.c of the component iproute2. The manipulation leads to memory leak. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. VDB-211026 is the identifier assigned to this vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-3528"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401",
      "CWE-404"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-10-16T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability, which was classified as problematic, was found in Linux Kernel. Affected is the function mptcp_addr_show of the file ip/ipmptcp.c of the component iproute2. The manipulation leads to memory leak. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. VDB-211026 is the identifier assigned to this vulnerability.",
  "id": "GHSA-q59j-53p8-6pmq",
  "modified": "2022-10-19T12:00:20Z",
  "published": "2022-10-17T12:00:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3528"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/pub/scm/network/iproute2/iproute2-next.git/commit/?id=afdbb0204a5872f1f76058a0db5a529b1f0c8de7"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.211026"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-Q5MR-2423-G6VW

Vulnerability from github – Published: 2022-10-17 12:00 – Updated: 2022-10-19 12:00
VLAI
Details

A vulnerability has been found in Linux Kernel and classified as problematic. Affected by this vulnerability is the function fdb_get of the file bridge/fdb.c of the component iproute2. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211027.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-3529"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401",
      "CWE-404"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-10-16T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability has been found in Linux Kernel and classified as problematic. Affected by this vulnerability is the function fdb_get of the file bridge/fdb.c of the component iproute2. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211027.",
  "id": "GHSA-q5mr-2423-g6vw",
  "modified": "2022-10-19T12:00:19Z",
  "published": "2022-10-17T12:00:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3529"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/pub/scm/network/iproute2/iproute2-next.git/commit/?id=6db01afd60748afbba114be2773be338c5be28ff"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.211027"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-Q725-94PJ-F5XX

Vulnerability from github – Published: 2025-05-01 15:31 – Updated: 2025-11-07 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

tracing: Fix memory leak in tracing_read_pipe()

kmemleak reports this issue:

unreferenced object 0xffff888105a18900 (size 128): comm "test_progs", pid 18933, jiffies 4336275356 (age 22801.766s) hex dump (first 32 bytes): 25 73 00 90 81 88 ff ff 26 05 00 00 42 01 58 04 %s......&...B.X. 03 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000560143a1>] __kmalloc_node_track_caller+0x4a/0x140 [<000000006af00822>] krealloc+0x8d/0xf0 [<00000000c309be6a>] trace_iter_expand_format+0x99/0x150 [<000000005a53bdb6>] trace_check_vprintf+0x1e0/0x11d0 [<0000000065629d9d>] trace_event_printf+0xb6/0xf0 [<000000009a690dc7>] trace_raw_output_bpf_trace_printk+0x89/0xc0 [<00000000d22db172>] print_trace_line+0x73c/0x1480 [<00000000cdba76ba>] tracing_read_pipe+0x45c/0x9f0 [<0000000015b58459>] vfs_read+0x17b/0x7c0 [<000000004aeee8ed>] ksys_read+0xed/0x1c0 [<0000000063d3d898>] do_syscall_64+0x3b/0x90 [<00000000a06dda7f>] entry_SYSCALL_64_after_hwframe+0x63/0xcd

iter->fmt alloced in tracing_read_pipe() -> .. ->trace_iter_expand_format(), but not freed, to fix, add free in tracing_release_pipe()

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-49801"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-01T15:16:03Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix memory leak in tracing_read_pipe()\n\nkmemleak reports this issue:\n\nunreferenced object 0xffff888105a18900 (size 128):\n  comm \"test_progs\", pid 18933, jiffies 4336275356 (age 22801.766s)\n  hex dump (first 32 bytes):\n    25 73 00 90 81 88 ff ff 26 05 00 00 42 01 58 04  %s......\u0026...B.X.\n    03 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00  ................\n  backtrace:\n    [\u003c00000000560143a1\u003e] __kmalloc_node_track_caller+0x4a/0x140\n    [\u003c000000006af00822\u003e] krealloc+0x8d/0xf0\n    [\u003c00000000c309be6a\u003e] trace_iter_expand_format+0x99/0x150\n    [\u003c000000005a53bdb6\u003e] trace_check_vprintf+0x1e0/0x11d0\n    [\u003c0000000065629d9d\u003e] trace_event_printf+0xb6/0xf0\n    [\u003c000000009a690dc7\u003e] trace_raw_output_bpf_trace_printk+0x89/0xc0\n    [\u003c00000000d22db172\u003e] print_trace_line+0x73c/0x1480\n    [\u003c00000000cdba76ba\u003e] tracing_read_pipe+0x45c/0x9f0\n    [\u003c0000000015b58459\u003e] vfs_read+0x17b/0x7c0\n    [\u003c000000004aeee8ed\u003e] ksys_read+0xed/0x1c0\n    [\u003c0000000063d3d898\u003e] do_syscall_64+0x3b/0x90\n    [\u003c00000000a06dda7f\u003e] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\niter-\u003efmt alloced in\n  tracing_read_pipe() -\u003e .. -\u003etrace_iter_expand_format(), but not\nfreed, to fix, add free in tracing_release_pipe()",
  "id": "GHSA-q725-94pj-f5xx",
  "modified": "2025-11-07T21:31:19Z",
  "published": "2025-05-01T15:31:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49801"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2c21ee020ce43d744ecd7f3e9bddfcaafef270ce"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/649e72070cbbb8600eb823833e4748f5a0815116"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a7d3f8f33c113478737bc61bb32ec5f9a987da7d"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-41
Implementation

Strategy: Libraries or Frameworks

  • Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
  • For example, glibc in Linux provides protection against free of invalid pointers.
  • When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
  • To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Architecture and Design

Use an abstraction library to abstract away risky APIs. Not a complete solution.

Mitigation
Architecture and Design Build and Compilation

Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.

No CAPEC attack patterns related to this CWE.