CWE-401
AllowedMissing Release of Memory after Effective Lifetime
Abstraction: Variant · Status: Draft
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
2002 vulnerabilities reference this CWE, most recent first.
GHSA-QR96-W82V-R28G
Vulnerability from github – Published: 2022-11-23 09:30 – Updated: 2022-11-26 06:31mod_radius in ProFTPD before 1.3.7c allows memory disclosure to RADIUS servers because it copies blocks of 16 characters.
{
"affected": [],
"aliases": [
"CVE-2021-46854"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-11-23T07:15:00Z",
"severity": "HIGH"
},
"details": "mod_radius in ProFTPD before 1.3.7c allows memory disclosure to RADIUS servers because it copies blocks of 16 characters.",
"id": "GHSA-qr96-w82v-r28g",
"modified": "2022-11-26T06:31:18Z",
"published": "2022-11-23T09:30:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46854"
},
{
"type": "WEB",
"url": "https://github.com/proftpd/proftpd/issues/1284"
},
{
"type": "WEB",
"url": "https://github.com/proftpd/proftpd/pull/1285"
},
{
"type": "WEB",
"url": "https://bugs.gentoo.org/811495"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202305-03"
},
{
"type": "WEB",
"url": "http://www.proftpd.org/docs/RELEASE_NOTES-1.3.7e"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-QRJF-69Q3-8PQJ
Vulnerability from github – Published: 2022-10-17 19:00 – Updated: 2022-10-19 12:00A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function unix_sock_destructor/unix_release_sock of the file net/unix/af_unix.c of the component BPF. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211043.
{
"affected": [],
"aliases": [
"CVE-2022-3543"
],
"database_specific": {
"cwe_ids": [
"CWE-401",
"CWE-404"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-10-17T12:15:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function unix_sock_destructor/unix_release_sock of the file net/unix/af_unix.c of the component BPF. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211043.",
"id": "GHSA-qrjf-69q3-8pqj",
"modified": "2022-10-19T12:00:19Z",
"published": "2022-10-17T19:00:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3543"
},
{
"type": "WEB",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=7a62ed61367b8fd01bae1e18e30602c25060d824"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.211043"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QRPX-WVJR-V7CH
Vulnerability from github – Published: 2022-05-24 17:01 – Updated: 2024-03-21 03:33A memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering nl80211hdr_put() failures, aka CID-1399c59fa929.
{
"affected": [],
"aliases": [
"CVE-2019-19055"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-11-18T06:15:00Z",
"severity": "HIGH"
},
"details": "A memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering nl80211hdr_put() failures, aka CID-1399c59fa929.",
"id": "GHSA-qrpx-wvjr-v7ch",
"modified": "2024-03-21T03:33:47Z",
"published": "2022-05-24T17:01:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19055"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/1399c59fa92984836db90538cf92397fe7caaa57"
},
{
"type": "WEB",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1157319"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4225-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4225-2"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4226-1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QRQ7-3VQM-PWMG
Vulnerability from github – Published: 2022-05-13 01:22 – Updated: 2022-05-13 01:22An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_aggregate_reg_new in rec-aggregate.c in librec.a.
{
"affected": [],
"aliases": [
"CVE-2019-6457"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-01-16T18:29:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_aggregate_reg_new in rec-aggregate.c in librec.a.",
"id": "GHSA-qrq7-3vqm-pwmg",
"modified": "2022-05-13T01:22:42Z",
"published": "2022-05-13T01:22:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6457"
},
{
"type": "WEB",
"url": "https://github.com/TeamSeri0us/pocs/tree/master/recutils"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QRXG-6W43-8H52
Vulnerability from github – Published: 2024-05-21 18:31 – Updated: 2025-09-23 21:30In the Linux kernel, the following vulnerability has been resolved:
IB/hfi1: Restore allocated resources on failed copyout
Fix a resource leak if an error occurs.
{
"affected": [],
"aliases": [
"CVE-2023-52747"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-21T16:15:14Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Restore allocated resources on failed copyout\n\nFix a resource leak if an error occurs.",
"id": "GHSA-qrxg-6w43-8h52",
"modified": "2025-09-23T21:30:53Z",
"published": "2024-05-21T18:31:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52747"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/00d9e212b8a39e6ffcf31b9d2e503d2bf6009d45"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0a4f811f2e5d07bbd0c9226f4afb0a1270a831ae"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6601fc0d15ffc20654e39486f9bef35567106d68"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7896accedf5bf1277d2f305718e36dc8bac7e321"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/79b595d9591426156a9e0635a5b5115508a36fef"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9bae58d58b6bb73b572356b31a62d2afc7378d12"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QRXQ-FH5P-2V4X
Vulnerability from github – Published: 2025-05-01 15:31 – Updated: 2025-11-05 15:31In the Linux kernel, the following vulnerability has been resolved:
io_uring: fix multishot accept request leaks
Having REQ_F_POLLED set doesn't guarantee that the request is executed as a multishot from the polling path. Fortunately for us, if the code thinks it's multishot issue when it's not, it can only ask to skip completion so leaking the request. Use issue_flags to mark multipoll issues.
{
"affected": [],
"aliases": [
"CVE-2022-49791"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-01T15:16:02Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: fix multishot accept request leaks\n\nHaving REQ_F_POLLED set doesn\u0027t guarantee that the request is\nexecuted as a multishot from the polling path. Fortunately for us, if\nthe code thinks it\u0027s multishot issue when it\u0027s not, it can only ask to\nskip completion so leaking the request. Use issue_flags to mark\nmultipoll issues.",
"id": "GHSA-qrxq-fh5p-2v4x",
"modified": "2025-11-05T15:31:01Z",
"published": "2025-05-01T15:31:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49791"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0e4626de856ef8f25ecd9c716e76d4f95ce95639"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/91482864768a874c4290ef93b84a78f4f1dac51b"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QV32-5J3W-F77Q
Vulnerability from github – Published: 2025-10-01 12:30 – Updated: 2026-01-16 21:30In the Linux kernel, the following vulnerability has been resolved:
powerpc/52xx: Fix a resource leak in an error handling path
The error handling path of mpc52xx_lpbfifo_probe() has a request_irq() that is not balanced by a corresponding free_irq().
Add the missing call, as already done in the remove function.
{
"affected": [],
"aliases": [
"CVE-2022-50463"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-01T12:15:39Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/52xx: Fix a resource leak in an error handling path\n\nThe error handling path of mpc52xx_lpbfifo_probe() has a request_irq()\nthat is not balanced by a corresponding free_irq().\n\nAdd the missing call, as already done in the remove function.",
"id": "GHSA-qv32-5j3w-f77q",
"modified": "2026-01-16T21:30:29Z",
"published": "2025-10-01T12:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50463"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0accd460dc7bbe5f55e41a8867c63db9d07b3ec8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/40b4be399e0db7073dec5a0de5ca9994f7e31e58"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5836947613ef33d311b4eff6a32d019580a214f5"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9bf842ffdd216b9f94d5b051b5d8b815f2426538"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/be9caf2c936f15a9c3f9111e62bdde6357312f90"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cbda93665a3857324f5c79e45769a83c78183199"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e4002f293e5b44e57d2930513cca0dff32249812"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f4ad0a7f0e78d65d38921ab2bef234e49be78b10"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/fb3ef6a5af4b003502c940ea50c0f55b06ebbfc9"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QV6X-RF2V-9HW8
Vulnerability from github – Published: 2024-06-19 15:30 – Updated: 2024-08-01 21:31In the Linux kernel, the following vulnerability has been resolved:
wifi: mt76: mt7996: fix potential memory leakage when reading chip temperature
Without this commit, reading chip temperature will cause memory leakage.
{
"affected": [],
"aliases": [
"CVE-2024-38563"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-19T14:15:16Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7996: fix potential memory leakage when reading chip temperature\n\nWithout this commit, reading chip temperature will cause memory leakage.",
"id": "GHSA-qv6x-rf2v-9hw8",
"modified": "2024-08-01T21:31:40Z",
"published": "2024-06-19T15:30:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38563"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/474b9412f33be87076b40a49756662594598a85e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/84e81f9b4818b8efe89beb12a246d5d510631939"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ef46dbb93fc9279fb7de883aac22abffe214e6b5"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QV92-HWC3-CHXF
Vulnerability from github – Published: 2026-03-18 18:31 – Updated: 2026-05-29 21:31In the Linux kernel, the following vulnerability has been resolved:
net: liquidio: Initialize netdev pointer before queue setup
In setup_nic_devices(), the netdev is allocated using alloc_etherdev_mq(). However, the pointer to this structure is stored in oct->props[i].netdev only after the calls to netif_set_real_num_rx_queues() and netif_set_real_num_tx_queues().
If either of these functions fails, setup_nic_devices() returns an error without freeing the allocated netdev. Since oct->props[i].netdev is still NULL at this point, the cleanup function liquidio_destroy_nic_device() will fail to find and free the netdev, resulting in a memory leak.
Fix this by initializing oct->props[i].netdev before calling the queue setup functions. This ensures that the netdev is properly accessible for cleanup in case of errors.
Compile tested only. Issue found using a prototype static analysis tool and code review.
{
"affected": [],
"aliases": [
"CVE-2026-23258"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-18T18:16:24Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: liquidio: Initialize netdev pointer before queue setup\n\nIn setup_nic_devices(), the netdev is allocated using alloc_etherdev_mq().\nHowever, the pointer to this structure is stored in oct-\u003eprops[i].netdev\nonly after the calls to netif_set_real_num_rx_queues() and\nnetif_set_real_num_tx_queues().\n\nIf either of these functions fails, setup_nic_devices() returns an error\nwithout freeing the allocated netdev. Since oct-\u003eprops[i].netdev is still\nNULL at this point, the cleanup function liquidio_destroy_nic_device()\nwill fail to find and free the netdev, resulting in a memory leak.\n\nFix this by initializing oct-\u003eprops[i].netdev before calling the queue\nsetup functions. This ensures that the netdev is properly accessible for\ncleanup in case of errors.\n\nCompile tested only. Issue found using a prototype static analysis tool\nand code review.",
"id": "GHSA-qv92-hwc3-chxf",
"modified": "2026-05-29T21:31:16Z",
"published": "2026-03-18T18:31:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23258"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1d4590fde856cb94bd9a46e795c29d8288c238fc"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/926ede0c85e1e57c97d64d9612455267d597bb2c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a0e57c0b68c9e6f9a8fd7c1167861a5a730eb2f4"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/be109646cdaecab262f6276303b1763468c94378"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c0ed6c77ec34050971fd0df2a94dfdea66d09331"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c81a8515fb8c8fb5d0dbc21f48337494bf1d60df"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d028147ae06407cb355245db1774793600670169"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QV94-9C4F-29WH
Vulnerability from github – Published: 2025-03-27 18:31 – Updated: 2025-04-15 15:30In the Linux kernel, the following vulnerability has been resolved:
net: openvswitch: fix flow memory leak in ovs_flow_cmd_new
Syzkaller reports a memory leak of new_flow in ovs_flow_cmd_new() as it is not freed when an allocation of a key fails.
BUG: memory leak unreferenced object 0xffff888116668000 (size 632): comm "syz-executor231", pid 1090, jiffies 4294844701 (age 18.871s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000defa3494>] kmem_cache_zalloc include/linux/slab.h:654 [inline] [<00000000defa3494>] ovs_flow_alloc+0x19/0x180 net/openvswitch/flow_table.c:77 [<00000000c67d8873>] ovs_flow_cmd_new+0x1de/0xd40 net/openvswitch/datapath.c:957 [<0000000010a539a8>] genl_family_rcv_msg_doit+0x22d/0x330 net/netlink/genetlink.c:739 [<00000000dff3302d>] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline] [<00000000dff3302d>] genl_rcv_msg+0x328/0x590 net/netlink/genetlink.c:800 [<000000000286dd87>] netlink_rcv_skb+0x153/0x430 net/netlink/af_netlink.c:2515 [<0000000061fed410>] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811 [<000000009dc0f111>] netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline] [<000000009dc0f111>] netlink_unicast+0x545/0x7f0 net/netlink/af_netlink.c:1339 [<000000004a5ee816>] netlink_sendmsg+0x8e7/0xde0 net/netlink/af_netlink.c:1934 [<00000000482b476f>] sock_sendmsg_nosec net/socket.c:651 [inline] [<00000000482b476f>] sock_sendmsg+0x152/0x190 net/socket.c:671 [<00000000698574ba>] _syssendmsg+0x70a/0x870 net/socket.c:2356 [<00000000d28d9e11>] _sys_sendmsg+0xf3/0x170 net/socket.c:2410 [<0000000083ba9120>] __sys_sendmsg+0xe5/0x1b0 net/socket.c:2439 [<00000000c00628f8>] do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46 [<000000004abfdcf4>] entry_SYSCALL_64_after_hwframe+0x61/0xc6
To fix this the patch rearranges the goto labels to reflect the order of object allocations and adds appropriate goto statements on the error paths.
Found by Linux Verification Center (linuxtesting.org) with Syzkaller.
{
"affected": [],
"aliases": [
"CVE-2023-52977"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-27T17:15:44Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix flow memory leak in ovs_flow_cmd_new\n\nSyzkaller reports a memory leak of new_flow in ovs_flow_cmd_new() as it is\nnot freed when an allocation of a key fails.\n\nBUG: memory leak\nunreferenced object 0xffff888116668000 (size 632):\n comm \"syz-executor231\", pid 1090, jiffies 4294844701 (age 18.871s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c00000000defa3494\u003e] kmem_cache_zalloc include/linux/slab.h:654 [inline]\n [\u003c00000000defa3494\u003e] ovs_flow_alloc+0x19/0x180 net/openvswitch/flow_table.c:77\n [\u003c00000000c67d8873\u003e] ovs_flow_cmd_new+0x1de/0xd40 net/openvswitch/datapath.c:957\n [\u003c0000000010a539a8\u003e] genl_family_rcv_msg_doit+0x22d/0x330 net/netlink/genetlink.c:739\n [\u003c00000000dff3302d\u003e] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n [\u003c00000000dff3302d\u003e] genl_rcv_msg+0x328/0x590 net/netlink/genetlink.c:800\n [\u003c000000000286dd87\u003e] netlink_rcv_skb+0x153/0x430 net/netlink/af_netlink.c:2515\n [\u003c0000000061fed410\u003e] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811\n [\u003c000000009dc0f111\u003e] netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]\n [\u003c000000009dc0f111\u003e] netlink_unicast+0x545/0x7f0 net/netlink/af_netlink.c:1339\n [\u003c000000004a5ee816\u003e] netlink_sendmsg+0x8e7/0xde0 net/netlink/af_netlink.c:1934\n [\u003c00000000482b476f\u003e] sock_sendmsg_nosec net/socket.c:651 [inline]\n [\u003c00000000482b476f\u003e] sock_sendmsg+0x152/0x190 net/socket.c:671\n [\u003c00000000698574ba\u003e] ____sys_sendmsg+0x70a/0x870 net/socket.c:2356\n [\u003c00000000d28d9e11\u003e] ___sys_sendmsg+0xf3/0x170 net/socket.c:2410\n [\u003c0000000083ba9120\u003e] __sys_sendmsg+0xe5/0x1b0 net/socket.c:2439\n [\u003c00000000c00628f8\u003e] do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n [\u003c000000004abfdcf4\u003e] entry_SYSCALL_64_after_hwframe+0x61/0xc6\n\nTo fix this the patch rearranges the goto labels to reflect the order of\nobject allocations and adds appropriate goto statements on the error\npaths.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"id": "GHSA-qv94-9c4f-29wh",
"modified": "2025-04-15T15:30:47Z",
"published": "2025-03-27T18:31:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52977"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0c598aed445eb45b0ee7ba405f7ece99ee349c30"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1ac653cf886cdfc082708c82dc6ac6115cebd2ee"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/70154489f531587996f3e9d7cceeee65cff0001d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/70d40674a549d498bd63d5432acf46205da1534b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/af4e720bc00a2653f7b9df21755b9978b3d7f386"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ed6c5e8caf55778500202775167e8ccdb1a030cb"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f423c2efd51d7eb1d143c2be7eea233241d9bbbf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-41
Strategy: Libraries or Frameworks
- Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
- For example, glibc in Linux provides protection against free of invalid pointers.
- When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
- To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Use an abstraction library to abstract away risky APIs. Not a complete solution.
Mitigation
Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.
No CAPEC attack patterns related to this CWE.