Common Weakness Enumeration

CWE-401

Allowed

Missing Release of Memory after Effective Lifetime

Abstraction: Variant · Status: Draft

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

2002 vulnerabilities reference this CWE, most recent first.

GHSA-RWQR-MQ87-5P2C

Vulnerability from github – Published: 2025-10-01 12:30 – Updated: 2026-01-20 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

ubifs: Fix memory leak in alloc_wbufs()

kmemleak reported a sequence of memory leaks, and show them as following:

unreferenced object 0xffff8881575f8400 (size 1024): comm "mount", pid 19625, jiffies 4297119604 (age 20.383s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [] __kmalloc+0x4d/0x150 [] ubifs_mount+0x307b/0x7170 [ubifs] [] legacy_get_tree+0xed/0x1d0 [] vfs_get_tree+0x7d/0x230 [] path_mount+0xdd4/0x17b0 [] __x64_sys_mount+0x1fa/0x270 [] do_syscall_64+0x35/0x80 [] entry_SYSCALL_64_after_hwframe+0x46/0xb0

unreferenced object 0xffff8881798a6e00 (size 512): comm "mount", pid 19677, jiffies 4297121912 (age 37.816s) hex dump (first 32 bytes): 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk backtrace: [] __kmalloc+0x4d/0x150 [] ubifs_wbuf_init+0x52/0x480 [ubifs] [] ubifs_mount+0x31f5/0x7170 [ubifs] [] legacy_get_tree+0xed/0x1d0 [] vfs_get_tree+0x7d/0x230 [] path_mount+0xdd4/0x17b0 [] __x64_sys_mount+0x1fa/0x270 [] do_syscall_64+0x35/0x80 [] entry_SYSCALL_64_after_hwframe+0x46/0xb0

The problem is that the ubifs_wbuf_init() returns an error in the loop which in the alloc_wbufs(), then the wbuf->buf and wbuf->inodes that were successfully alloced before are not freed.

Fix it by adding error hanging path in alloc_wbufs() which frees the memory alloced before when ubifs_wbuf_init() returns an error.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-53468"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-01T12:15:48Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: Fix memory leak in alloc_wbufs()\n\nkmemleak reported a sequence of memory leaks, and show them as following:\n\n  unreferenced object 0xffff8881575f8400 (size 1024):\n    comm \"mount\", pid 19625, jiffies 4297119604 (age 20.383s)\n    hex dump (first 32 bytes):\n      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n    backtrace:\n      [\u003cffffffff8176cecd\u003e] __kmalloc+0x4d/0x150\n      [\u003cffffffffa0406b2b\u003e] ubifs_mount+0x307b/0x7170 [ubifs]\n      [\u003cffffffff819fa8fd\u003e] legacy_get_tree+0xed/0x1d0\n      [\u003cffffffff81936f2d\u003e] vfs_get_tree+0x7d/0x230\n      [\u003cffffffff819b2bd4\u003e] path_mount+0xdd4/0x17b0\n      [\u003cffffffff819b37aa\u003e] __x64_sys_mount+0x1fa/0x270\n      [\u003cffffffff83c14295\u003e] do_syscall_64+0x35/0x80\n      [\u003cffffffff83e0006a\u003e] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\n  unreferenced object 0xffff8881798a6e00 (size 512):\n    comm \"mount\", pid 19677, jiffies 4297121912 (age 37.816s)\n    hex dump (first 32 bytes):\n      6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b  kkkkkkkkkkkkkkkk\n      6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b  kkkkkkkkkkkkkkkk\n    backtrace:\n      [\u003cffffffff8176cecd\u003e] __kmalloc+0x4d/0x150\n      [\u003cffffffffa0418342\u003e] ubifs_wbuf_init+0x52/0x480 [ubifs]\n      [\u003cffffffffa0406ca5\u003e] ubifs_mount+0x31f5/0x7170 [ubifs]\n      [\u003cffffffff819fa8fd\u003e] legacy_get_tree+0xed/0x1d0\n      [\u003cffffffff81936f2d\u003e] vfs_get_tree+0x7d/0x230\n      [\u003cffffffff819b2bd4\u003e] path_mount+0xdd4/0x17b0\n      [\u003cffffffff819b37aa\u003e] __x64_sys_mount+0x1fa/0x270\n      [\u003cffffffff83c14295\u003e] do_syscall_64+0x35/0x80\n      [\u003cffffffff83e0006a\u003e] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nThe problem is that the ubifs_wbuf_init() returns an error in the\nloop which in the alloc_wbufs(), then the wbuf-\u003ebuf and wbuf-\u003einodes\nthat were successfully alloced before are not freed.\n\nFix it by adding error hanging path in alloc_wbufs() which frees\nthe memory alloced before when ubifs_wbuf_init() returns an error.",
  "id": "GHSA-rwqr-mq87-5p2c",
  "modified": "2026-01-20T18:31:51Z",
  "published": "2025-10-01T12:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53468"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1f206002c6bc302bface871ef3f72c0bbcaa931c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/26ec45f1c504e15268383019df139d7983f1e67f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3e29634eb56e6547272fe4e568f63421f8b3b9fa"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4a1ff3c5d04b9079b4f768d9a71b51c4af578dd2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bf50229494f0443b3f08427d7df63e5a7e2a796a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e11f36d3bc4d23f620754a948fe7b82b63dcb185"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RWR3-HM95-VV7P

Vulnerability from github – Published: 2022-05-03 00:00 – Updated: 2022-05-11 00:01
VLAI
Details

A memory leak was discovered in matio 1.5.21 and earlier in Mat_VarReadNextInfo5() in mat5.c via a crafted file. This issue can potentially result in DoS.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-1515"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-05-02T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A memory leak was discovered in matio 1.5.21 and earlier in Mat_VarReadNextInfo5() in mat5.c via a crafted file. This issue can potentially result in DoS.",
  "id": "GHSA-rwr3-hm95-vv7p",
  "modified": "2022-05-11T00:01:57Z",
  "published": "2022-05-03T00:00:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1515"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tbeu/matio/issues/186"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2079986"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RX6X-4FRG-6JXM

Vulnerability from github – Published: 2025-09-23 21:30 – Updated: 2025-09-23 21:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

mm/mempolicy: fix mpol_new leak in shared_policy_replace

If mpol_new is allocated but not used in restart loop, mpol_new will be freed via mpol_put before returning to the caller. But refcnt is not initialized yet, so mpol_put could not do the right things and might leak the unused mpol_new. This would happen if mempolicy was updated on the shared shmem file while the sp->lock has been dropped during the memory allocation.

This issue could be triggered easily with the below code snippet if there are many processes doing the below work at the same time:

shmid = shmget((key_t)5566, 1024 * PAGE_SIZE, 0666|IPC_CREAT); shm = shmat(shmid, 0, 0); loop many times { mbind(shm, 1024 * PAGE_SIZE, MPOL_LOCAL, mask, maxnode, 0); mbind(shm + 128 * PAGE_SIZE, 128 * PAGE_SIZE, MPOL_DEFAULT, mask, maxnode, 0); }

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-49080"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-26T07:00:45Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/mempolicy: fix mpol_new leak in shared_policy_replace\n\nIf mpol_new is allocated but not used in restart loop, mpol_new will be\nfreed via mpol_put before returning to the caller.  But refcnt is not\ninitialized yet, so mpol_put could not do the right things and might\nleak the unused mpol_new.  This would happen if mempolicy was updated on\nthe shared shmem file while the sp-\u003elock has been dropped during the\nmemory allocation.\n\nThis issue could be triggered easily with the below code snippet if\nthere are many processes doing the below work at the same time:\n\n  shmid = shmget((key_t)5566, 1024 * PAGE_SIZE, 0666|IPC_CREAT);\n  shm = shmat(shmid, 0, 0);\n  loop many times {\n    mbind(shm, 1024 * PAGE_SIZE, MPOL_LOCAL, mask, maxnode, 0);\n    mbind(shm + 128 * PAGE_SIZE, 128 * PAGE_SIZE, MPOL_DEFAULT, mask,\n          maxnode, 0);\n  }",
  "id": "GHSA-rx6x-4frg-6jxm",
  "modified": "2025-09-23T21:30:54Z",
  "published": "2025-09-23T21:30:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49080"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/198932a14aeb19a15cf19e51e151d023bc4cd648"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/25f506273b6ae806fd46bfcb6fdaa5b9ec81a05b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/39a32f3c06f6d68a530bf9612afa19f50f12e93d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4ad099559b00ac01c3726e5c95dc3108ef47d03e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5e16dc5378abd749a836daa9ee4ab2c8d2668999"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6e00309ac716fa8225f0cbde2cd9c24f0e74ee21"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8510c2346d9e47a72b7f018a36ef0c39483e53d6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f7e183b0a7136b6dc9c7b9b2a85a608a8feba894"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fe39ac59dbbf893b73b24e3184161d0bd06d6651"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RXFW-48WV-X4RF

Vulnerability from github – Published: 2025-08-14 18:31 – Updated: 2025-08-14 18:31
VLAI
Details

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition.

This vulnerability is due to improper parsing of IKEv2 packets. An attacker could exploit this vulnerability by sending a continuous stream of crafted IKEv2 packets to an affected device. A successful exploit could allow the attacker to partially exhaust system memory, causing system instability like being unable to establish new IKEv2 VPN sessions. A manual reboot of the device is required to recover from this condition.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-20254"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-14T17:15:39Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition.\n\n This vulnerability is due to improper parsing of IKEv2 packets. An attacker could exploit this vulnerability by sending a continuous stream of crafted IKEv2 packets to an affected device. A successful exploit could allow the attacker to partially exhaust system memory, causing system instability like being unable to establish new IKEv2 VPN sessions. A manual reboot of the device is required to recover from this condition.",
  "id": "GHSA-rxfw-48wv-x4rf",
  "modified": "2025-08-14T18:31:30Z",
  "published": "2025-08-14T18:31:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20254"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ios-dos-DOESHWHy"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RXGX-47RC-F5C4

Vulnerability from github – Published: 2022-05-24 19:03 – Updated: 2022-05-24 19:03
VLAI
Details

A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_dict_set function in dict.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-22054"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-06-02T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_dict_set function in dict.c.",
  "id": "GHSA-rxgx-47rc-f5c4",
  "modified": "2022-05-24T19:03:51Z",
  "published": "2022-05-24T19:03:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-22054"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html"
    },
    {
      "type": "WEB",
      "url": "https://trac.ffmpeg.org/ticket/8315"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2021/dsa-4990"
    },
    {
      "type": "WEB",
      "url": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=6f2a3958cfac135c60b509a61a4fd39432d8f9a9"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-RXPW-85VW-FX87

Vulnerability from github – Published: 2024-01-26 20:12 – Updated: 2024-01-26 20:12
VLAI
Summary
OpenFGA denial of service
Details

Overview

OpenFGA is vulnerable to a DoS attack. In some scenarios that depend on the model and tuples used, a call to ListObjects may not release memory properly. So when a sufficiently high number of those calls are executed, the OpenFGA server can create an "out of memory" error and terminate.

Fix

Upgrade to v1.4.3. This upgrade is backwards compatible.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/openfga/openfga"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.4.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-23820"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401",
      "CWE-770"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-01-26T20:12:00Z",
    "nvd_published_at": "2024-01-26T17:15:13Z",
    "severity": "MODERATE"
  },
  "details": "## Overview\nOpenFGA is vulnerable to a DoS attack. In some scenarios that depend on the model and tuples used, a call to ListObjects may not  release memory properly. So when a sufficiently high number of those calls are executed, the OpenFGA server can create an \"out of memory\" error and terminate.\n\n## Fix\nUpgrade to v1.4.3. This upgrade is backwards compatible.",
  "id": "GHSA-rxpw-85vw-fx87",
  "modified": "2024-01-26T20:12:00Z",
  "published": "2024-01-26T20:12:00Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/openfga/openfga/security/advisories/GHSA-rxpw-85vw-fx87"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23820"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openfga/openfga/commit/908ac85c8b7769c8042cca31886df8db01976c39"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/openfga/openfga"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openfga/openfga/releases/tag/v1.4.3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "OpenFGA denial of service"
}

GHSA-RXR7-X8X4-F7CC

Vulnerability from github – Published: 2025-10-01 12:30 – Updated: 2026-01-16 21:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

clk: samsung: Fix memory leak in _samsung_clk_register_pll()

If clk_register() fails, @pll->rate_table may have allocated memory by kmemdup(), so it needs to be freed, otherwise will cause memory leak issue, this patch fixes it.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-50449"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-01T12:15:37Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: samsung: Fix memory leak in _samsung_clk_register_pll()\n\nIf clk_register() fails, @pll-\u003erate_table may have allocated memory by\nkmemdup(), so it needs to be freed, otherwise will cause memory leak\nissue, this patch fixes it.",
  "id": "GHSA-rxr7-x8x4-f7cc",
  "modified": "2026-01-16T21:30:28Z",
  "published": "2025-10-01T12:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50449"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2e8dc0626fe86ae08914478dec1419618c557bc0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4887ec922e407b4feaf060c7b099482a5c52dee3"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4e501a31af8efa593a2f003637b56d00b75dca23"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5174e5b0d1b669a489524192b6adcbb3c54ebc72"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7b738276a596fa101d320591e9fa84ea0fc3f713"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a00b4e0fa27317957536abf8f5d6a96d6cb9d9be"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a35323218ff32782d051d2643912311a22e07b6a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/da13355bb9961316d124f94dfc7a1385d0fb035a"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RXRM-M4VP-VCHQ

Vulnerability from github – Published: 2025-10-07 18:31 – Updated: 2026-02-05 15:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init()

arm_smmu_pmu_init() won't remove the callback added by cpuhp_setup_state_multi() when platform_driver_register() failed. Remove the callback by cpuhp_remove_multi_state() in fail path.

Similar to the handling of arm_ccn_init() in commit 26242b330093 ("bus: arm-ccn: Prevent hotplug callback leak")

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-50510"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-07T16:15:34Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init()\n\narm_smmu_pmu_init() won\u0027t remove the callback added by\ncpuhp_setup_state_multi() when platform_driver_register() failed. Remove\nthe callback by cpuhp_remove_multi_state() in fail path.\n\nSimilar to the handling of arm_ccn_init() in commit 26242b330093 (\"bus:\narm-ccn: Prevent hotplug callback leak\")",
  "id": "GHSA-rxrm-m4vp-vchq",
  "modified": "2026-02-05T15:31:07Z",
  "published": "2025-10-07T18:31:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50510"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/359286f886feef38536eaa7e673dc3440f03b0a1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/582babe17ea878ec1d76f30e03f3a6ce6e30eb91"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6f2d566b46436a50a80d6445e82879686b89588c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b131304fe722853cf26e55c4fa21fc58a36e7f21"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d69bdb61d577297d3851fc9f6403574bf73ef41f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f245ca9a0fe7f794a8187ad803d5e2ced5a11cb2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RXV4-87WM-F3XR

Vulnerability from github – Published: 2024-12-29 12:30 – Updated: 2025-01-06 21:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu/gfx9: Add Cleaner Shader Deinitialization in gfx_v9_0 Module

This commit addresses an omission in the previous patch related to the cleaner shader support for GFX9 hardware. Specifically, it adds the necessary deinitialization code for the cleaner shader in the gfx_v9_0_sw_fini function.

The added line amdgpu_gfx_cleaner_shader_sw_fini(adev); ensures that any allocated resources for the cleaner shader are freed correctly, avoiding potential memory leaks and ensuring that the GPU state is clean for the next initialization sequence.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-56753"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-29T12:15:08Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/gfx9: Add Cleaner Shader Deinitialization in gfx_v9_0 Module\n\nThis commit addresses an omission in the previous patch related to the\ncleaner shader support for GFX9 hardware. Specifically, it adds the\nnecessary deinitialization code for the cleaner shader in the\ngfx_v9_0_sw_fini function.\n\nThe added line amdgpu_gfx_cleaner_shader_sw_fini(adev); ensures that any\nallocated resources for the cleaner shader are freed correctly, avoiding\npotential memory leaks and ensuring that the GPU state is clean for the\nnext initialization sequence.",
  "id": "GHSA-rxv4-87wm-f3xr",
  "modified": "2025-01-06T21:30:51Z",
  "published": "2024-12-29T12:30:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56753"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/720c0376b3d29cbab921a60062fda5980742ed9d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e47cb9d2533200d49dd5364d4a148119492f8a3d"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RXX8-HW28-8WHC

Vulnerability from github – Published: 2024-02-28 09:30 – Updated: 2024-12-06 21:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

mt76: mt7615: fix memory leak in mt7615_coredump_work

Similar to the issue fixed in mt7921_coredump_work, fix a possible memory leak in mt7615_coredump_work routine.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-47030"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-28T09:15:39Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmt76: mt7615: fix memory leak in mt7615_coredump_work\n\nSimilar to the issue fixed in mt7921_coredump_work, fix a possible memory\nleak in mt7615_coredump_work routine.",
  "id": "GHSA-rxx8-hw28-8whc",
  "modified": "2024-12-06T21:30:35Z",
  "published": "2024-02-28T09:30:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47030"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/49cc85059a2cb656f96ff3693f891e8fe8f669a9"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/54b989653c5531bc4416ced33f146b9cb633d978"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-41
Implementation

Strategy: Libraries or Frameworks

  • Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
  • For example, glibc in Linux provides protection against free of invalid pointers.
  • When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
  • To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Architecture and Design

Use an abstraction library to abstract away risky APIs. Not a complete solution.

Mitigation
Architecture and Design Build and Compilation

Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.

No CAPEC attack patterns related to this CWE.