CWE-401
AllowedMissing Release of Memory after Effective Lifetime
Abstraction: Variant · Status: Draft
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
2002 vulnerabilities reference this CWE, most recent first.
GHSA-27G5-CF66-M7V6
Vulnerability from github – Published: 2024-02-28 09:30 – Updated: 2024-12-09 21:31In the Linux kernel, the following vulnerability has been resolved:
crypto: sa2ul - Fix memory leak of rxd
There are two error return paths that are not freeing rxd and causing memory leaks. Fix these.
Addresses-Coverity: ("Resource leak")
{
"affected": [],
"aliases": [
"CVE-2021-47052"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-28T09:15:40Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: sa2ul - Fix memory leak of rxd\n\nThere are two error return paths that are not freeing rxd and causing\nmemory leaks. Fix these.\n\nAddresses-Coverity: (\"Resource leak\")",
"id": "GHSA-27g5-cf66-m7v6",
"modified": "2024-12-09T21:31:00Z",
"published": "2024-02-28T09:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47052"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0e596b3734649041ed77edc86a23c0442bbe062b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/854b7737199848a91f6adfa0a03cf6f0c46c86e8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b7bd0657c2036add71981d88a7fae50188150b6e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/dfd6443bf49ac17adf882ca46c40c506a0284bd6"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-282C-48VC-5752
Vulnerability from github – Published: 2026-05-06 12:30 – Updated: 2026-05-11 15:32In the Linux kernel, the following vulnerability has been resolved:
media: i2c/tw9906: Fix potential memory leak in tw9906_probe()
In one of the error paths in tw9906_probe(), the memory allocated in v4l2_ctrl_handler_init() and v4l2_ctrl_new_std() is not freed. Fix that by calling v4l2_ctrl_handler_free() on the handler in that error path.
{
"affected": [],
"aliases": [
"CVE-2026-43246"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-06T12:16:45Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: i2c/tw9906: Fix potential memory leak in tw9906_probe()\n\nIn one of the error paths in tw9906_probe(), the memory allocated in\nv4l2_ctrl_handler_init() and v4l2_ctrl_new_std() is not freed. Fix that\nby calling v4l2_ctrl_handler_free() on the handler in that error path.",
"id": "GHSA-282c-48vc-5752",
"modified": "2026-05-11T15:32:08Z",
"published": "2026-05-06T12:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43246"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0c33338514d8246280533a77091e6b6ee548c606"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/377a7756914364d72550fc86ca0f404ef1d96141"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/59420d5d9c46b084e21f9ea6ce79fc79ae9e414c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9548a8bbf511a252a9848f96220c6b95c9a3b918"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cad237b6c875fbee5d353a2b289e98d240d17ec8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ccb92def042a3636ed47f25a30bd553788e5191e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e9a490937942f18205dac7b6b192975ef1369ae1"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/fb09d8b80046216646f1a344410cfa9cfa6c6c7c"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2885-GRQH-2673
Vulnerability from github – Published: 2025-01-23 15:31 – Updated: 2025-12-07 00:30In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_set_pipapo: fix initial map fill
The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size.
After each round in the map search step, the result and the fill map are swapped, so if we have a set where f->bsize of the first element is smaller than m->bsize_max, those one-bits are leaked into future rounds result map.
This makes pipapo find an incorrect matching results for sets where first field size is not the largest.
Followup patch adds a test case to nft_concat_range.sh selftest script.
Thanks to Stefano Brivio for pointing out that we need to zero out the remainder explicitly, only correcting memset() argument isn't enough.
{
"affected": [],
"aliases": [
"CVE-2024-57947"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-23T14:15:25Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_set_pipapo: fix initial map fill\n\nThe initial buffer has to be inited to all-ones, but it must restrict\nit to the size of the first field, not the total field size.\n\nAfter each round in the map search step, the result and the fill map\nare swapped, so if we have a set where f-\u003ebsize of the first element\nis smaller than m-\u003ebsize_max, those one-bits are leaked into future\nrounds result map.\n\nThis makes pipapo find an incorrect matching results for sets where\nfirst field size is not the largest.\n\nFollowup patch adds a test case to nft_concat_range.sh selftest script.\n\nThanks to Stefano Brivio for pointing out that we need to zero out\nthe remainder explicitly, only correcting memset() argument isn\u0027t enough.",
"id": "GHSA-2885-grqh-2673",
"modified": "2025-12-07T00:30:55Z",
"published": "2025-01-23T15:31:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57947"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/69b6a67f7052905e928d75a0c5871de50e686986"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/77bf0c4ab928ca4c9a99311f4f70ba0c17fecba9"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/791a615b7ad2258c560f91852be54b0480837c93"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8058c88ac0df21239daee54b5934d5c80ca9685f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/957a4d1c4c5849e4515c9fb4db21bf85318103dc"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9625c46ce6fd4f922595a4b32b1de5066d70464f"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-28C9-MQ9X-7PCR
Vulnerability from github – Published: 2024-05-21 15:31 – Updated: 2025-06-23 21:31In the Linux kernel, the following vulnerability has been resolved:
KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak
vcpu_put is not called if the user copy fails. This can result in preempt notifier corruption and crashes, among other issues.
{
"affected": [],
"aliases": [
"CVE-2021-47296"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-21T15:15:17Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak\n\nvcpu_put is not called if the user copy fails. This can result in preempt\nnotifier corruption and crashes, among other issues.",
"id": "GHSA-28c9-mq9x-7pcr",
"modified": "2025-06-23T21:31:21Z",
"published": "2024-05-21T15:31:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47296"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9bafc34dc4ad0cef18727c557f21ed3c3304df50"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a4a488915feaad38345cc01b80d52e8200ff5209"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/bc4188a2f56e821ea057aca6bf444e138d06c252"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e14ef1095387f764d95614d3ec9e4d07c82a3533"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f38527f1890543cdfca8dfd06f75f9887cce6151"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-28J2-GR4P-P982
Vulnerability from github – Published: 2024-05-22 09:31 – Updated: 2025-01-07 21:30In the Linux kernel, the following vulnerability has been resolved:
scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()
Commit 8c0eb596baa5 ("[SCSI] qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()"), intended to change:
bsg_job->request->msgcode == FC_BSG_HST_ELS_NOLOGIN
bsg_job->request->msgcode != FC_BSG_RPT_ELS
but changed it to:
bsg_job->request->msgcode == FC_BSG_RPT_ELS
instead.
Change the == to a != to avoid leaking the fcport structure or freeing unallocated memory.
{
"affected": [],
"aliases": [
"CVE-2021-47473"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-22T07:15:12Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()\n\nCommit 8c0eb596baa5 (\"[SCSI] qla2xxx: Fix a memory leak in an error path of\nqla2x00_process_els()\"), intended to change:\n\n bsg_job-\u003erequest-\u003emsgcode == FC_BSG_HST_ELS_NOLOGIN\n\n\n bsg_job-\u003erequest-\u003emsgcode != FC_BSG_RPT_ELS\n\nbut changed it to:\n\n bsg_job-\u003erequest-\u003emsgcode == FC_BSG_RPT_ELS\n\ninstead.\n\nChange the == to a != to avoid leaking the fcport structure or freeing\nunallocated memory.",
"id": "GHSA-28j2-gr4p-p982",
"modified": "2025-01-07T21:30:54Z",
"published": "2024-05-22T09:31:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47473"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7fb223d0ad801f633c78cbe42b1d1b55f5d163ad"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/96f0aebf29be25254fa585af43924e34aa21fd9a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a7fbb56e6c941d9f59437b96412a348e66388d3e"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-28X7-22J7-WRCC
Vulnerability from github – Published: 2025-10-07 18:31 – Updated: 2026-02-04 00:30In the Linux kernel, the following vulnerability has been resolved:
fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe()
If 'mipid_detect()' fails, we must free 'md' to avoid a memory leak.
{
"affected": [],
"aliases": [
"CVE-2023-53650"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-07T16:15:48Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe()\n\nIf \u0027mipid_detect()\u0027 fails, we must free \u0027md\u0027 to avoid a memory leak.",
"id": "GHSA-28x7-22j7-wrcc",
"modified": "2026-02-04T00:30:28Z",
"published": "2025-10-07T18:31:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53650"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/09ea1ae4a2ec17774892cfcff50f6d33dfa1e06f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3b4c21804076e461a6453ee4d09872172336aa1d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/716efd08985e3104031d1b655930b1f1c45fa8a7"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/79a3908d1ea6c35157a6d907b1a9d8ec06015e7a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7a8f9293bee51183023c5e37e7ebf0543cd2a134"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7cca0af3167dd9603da5fa6fff3392f8338e97e1"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9e3858f82e3ced1e990ef7116c3a16c84e62093e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ce6e0434e502abdf966164b7c72523fb5fe54635"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d97840bf5a388c6cbf6e46216887bf17be62acc2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-28XH-CHPH-8X29
Vulnerability from github – Published: 2024-07-10 09:30 – Updated: 2024-11-25 21:30In the Linux kernel, the following vulnerability has been resolved:
ipv6: sr: fix missing sk_buff release in seg6_input_core
The seg6_input() function is responsible for adding the SRH into a packet, delegating the operation to the seg6_input_core(). This function uses the skb_cow_head() to ensure that there is sufficient headroom in the sk_buff for accommodating the link-layer header. In the event that the skb_cow_header() function fails, the seg6_input_core() catches the error but it does not release the sk_buff, which will result in a memory leak.
This issue was introduced in commit af3b5158b89d ("ipv6: sr: fix BUG due to headroom too small after SRH push") and persists even after commit 7a3f5b0de364 ("netfilter: add netfilter hooks to SRv6 data plane"), where the entire seg6_input() code was refactored to deal with netfilter hooks.
The proposed patch addresses the identified memory leak by requiring the seg6_input_core() function to release the sk_buff in the event that skb_cow_head() fails.
{
"affected": [],
"aliases": [
"CVE-2024-39490"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-10T08:15:11Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: sr: fix missing sk_buff release in seg6_input_core\n\nThe seg6_input() function is responsible for adding the SRH into a\npacket, delegating the operation to the seg6_input_core(). This function\nuses the skb_cow_head() to ensure that there is sufficient headroom in\nthe sk_buff for accommodating the link-layer header.\nIn the event that the skb_cow_header() function fails, the\nseg6_input_core() catches the error but it does not release the sk_buff,\nwhich will result in a memory leak.\n\nThis issue was introduced in commit af3b5158b89d (\"ipv6: sr: fix BUG due\nto headroom too small after SRH push\") and persists even after commit\n7a3f5b0de364 (\"netfilter: add netfilter hooks to SRv6 data plane\"),\nwhere the entire seg6_input() code was refactored to deal with netfilter\nhooks.\n\nThe proposed patch addresses the identified memory leak by requiring the\nseg6_input_core() function to release the sk_buff in the event that\nskb_cow_head() fails.",
"id": "GHSA-28xh-chph-8x29",
"modified": "2024-11-25T21:30:48Z",
"published": "2024-07-10T09:30:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39490"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5447f9708d9e4c17a647b16a9cb29e9e02820bd9"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8f1fc3b86eaea70be6abcae2e9aa7e7b99453864"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e8688218e38111ace457509d8f0cad75f79c1a7a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f4df8c7670a73752201cbde215254598efdf6ce8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f5fec1588642e415a3d72e02140160661b303940"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-299C-RWX7-XH4Q
Vulnerability from github – Published: 2025-06-18 12:30 – Updated: 2025-11-13 21:31In the Linux kernel, the following vulnerability has been resolved:
drm/amd/pm: Fix a potential gpu_metrics_table memory leak
Memory is allocated for gpu_metrics_table in smu_v13_0_4_init_smc_tables(), but not freed in smu_v13_0_4_fini_smc_tables(). This may cause memory leaks, fix it.
{
"affected": [],
"aliases": [
"CVE-2022-49971"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-18T11:15:24Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Fix a potential gpu_metrics_table memory leak\n\nMemory is allocated for gpu_metrics_table in\nsmu_v13_0_4_init_smc_tables(), but not freed in\nsmu_v13_0_4_fini_smc_tables(). This may cause memory leaks, fix it.",
"id": "GHSA-299c-rwx7-xh4q",
"modified": "2025-11-13T21:31:17Z",
"published": "2025-06-18T12:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49971"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4b25bdb54578f3b96ff055e5d27bc1cb82950e51"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5afb76522a0af0513b6dc01f84128a73206b051b"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-29C6-3HCJ-89CF
Vulnerability from github – Published: 2025-02-12 19:20 – Updated: 2025-02-12 19:20Calls to cng.TLS1PRF don't release the key handle, producing a small memory leak every time.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/microsoft/go-crypto-winnative"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.0.0-20250211154640-f49c8e1379ea"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-25199"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": true,
"github_reviewed_at": "2025-02-12T19:20:24Z",
"nvd_published_at": "2025-02-12T18:15:27Z",
"severity": "HIGH"
},
"details": "Calls to `cng.TLS1PRF` don\u0027t release the key handle, producing a small memory leak every time.",
"id": "GHSA-29c6-3hcj-89cf",
"modified": "2025-02-12T19:20:24Z",
"published": "2025-02-12T19:20:24Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/microsoft/go-crypto-winnative/security/advisories/GHSA-29c6-3hcj-89cf"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25199"
},
{
"type": "WEB",
"url": "https://github.com/microsoft/go-crypto-winnative/commit/f49c8e1379ea4b147d5bff1b3be5b0ff45792e41"
},
{
"type": "PACKAGE",
"url": "https://github.com/microsoft/go-crypto-winnative"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "go-crypto-winnative BCryptGenerateSymmetricKey memory leak"
}
GHSA-29H5-9G4G-X624
Vulnerability from github – Published: 2026-05-27 15:33 – Updated: 2026-06-16 15:33In the Linux kernel, the following vulnerability has been resolved:
rxrpc: Fix memory leaks in rxkad_verify_response()
Fix rxkad_verify_response() to free the ticket and the server key under all circumstances by initialising the ticket pointer to NULL and then making all paths through the function after the first allocation has been done go through a single common epilogue that just releases everything - where all the releases skip on a NULL pointer.
{
"affected": [],
"aliases": [
"CVE-2026-46012"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-27T14:17:19Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix memory leaks in rxkad_verify_response()\n\nFix rxkad_verify_response() to free the ticket and the server key under all\ncircumstances by initialising the ticket pointer to NULL and then making\nall paths through the function after the first allocation has been done go\nthrough a single common epilogue that just releases everything - where all\nthe releases skip on a NULL pointer.",
"id": "GHSA-29h5-9g4g-x624",
"modified": "2026-06-16T15:33:41Z",
"published": "2026-05-27T15:33:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46012"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/34f61a07e0cdefaecd3ec03bb5fb22215643678f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/852b9d64cea421336579b2de3d1338dfa677e2dd"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/861b9a0a1823bf064a7b810d29502a9ef043f40f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c4b8f32e73eafd4a5076be890c7c8506ec04567c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c91f33fb8356dedc82bc56ce210f1a5dbee62a52"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-41
Strategy: Libraries or Frameworks
- Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
- For example, glibc in Linux provides protection against free of invalid pointers.
- When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
- To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Use an abstraction library to abstract away risky APIs. Not a complete solution.
Mitigation
Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.
No CAPEC attack patterns related to this CWE.