Common Weakness Enumeration

CWE-401

Allowed

Missing Release of Memory after Effective Lifetime

Abstraction: Variant · Status: Draft

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

2002 vulnerabilities reference this CWE, most recent first.

GHSA-VGJG-QRH9-W8X6

Vulnerability from github – Published: 2026-05-06 12:30 – Updated: 2026-05-13 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

octeontx2-af: CGX: fix bitmap leaks

The RX/TX flow-control bitmaps (rx_fc_pfvf_bmap and tx_fc_pfvf_bmap) are allocated by cgx_lmac_init() but never freed in cgx_lmac_exit(). Unbinding and rebinding the driver therefore triggers kmemleak:

unreferenced object (size 16):
    backtrace:
      rvu_alloc_bitmap
      cgx_probe

Free both bitmaps during teardown.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-43157"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-06T12:16:33Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: CGX: fix bitmap leaks\n\nThe RX/TX flow-control bitmaps (rx_fc_pfvf_bmap and tx_fc_pfvf_bmap)\nare allocated by cgx_lmac_init() but never freed in cgx_lmac_exit().\nUnbinding and rebinding the driver therefore triggers kmemleak:\n\n    unreferenced object (size 16):\n        backtrace:\n          rvu_alloc_bitmap\n          cgx_probe\n\nFree both bitmaps during teardown.",
  "id": "GHSA-vgjg-qrh9-w8x6",
  "modified": "2026-05-13T21:31:58Z",
  "published": "2026-05-06T12:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43157"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/013ac469596a0b8671e62d89c89ae0bd46bbe667"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3def995c4ede842adf509c410e92d09a0cedc965"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6d389382ee655128056fbdab86baad8495ffbf33"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ad8a13a45c5c24d0d32de9a1c3fd58498a675ece"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ccca14bbdcc25829d355b9f4d3249f43dadb71c1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ccef79af58b43787c25710c9da96651c6ddfe50f"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VJ4H-MG95-PJ35

Vulnerability from github – Published: 2026-05-27 15:33 – Updated: 2026-06-25 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

i3c: dw: Fix memory leak in dw_i3c_master_i2c_xfers()

The dw_i3c_master_i2c_xfers() function allocates memory for the xfer structure using dw_i3c_master_alloc_xfer(). If pm_runtime_resume_and_get() fails, the function returns without freeing the allocated xfer, resulting in a memory leak.

Add a dw_i3c_master_free_xfer() call to the error path to ensure the allocated memory is properly freed.

Compile tested only. Issue found using a prototype static analysis tool and code review.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-45863"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-27T14:16:58Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: dw: Fix memory leak in dw_i3c_master_i2c_xfers()\n\nThe dw_i3c_master_i2c_xfers() function allocates memory for the xfer\nstructure using dw_i3c_master_alloc_xfer(). If pm_runtime_resume_and_get()\nfails, the function returns without freeing the allocated xfer, resulting\nin a memory leak.\n\nAdd a dw_i3c_master_free_xfer() call to the error path to ensure the\nallocated memory is properly freed.\n\nCompile tested only. Issue found using a prototype static analysis tool\nand code review.",
  "id": "GHSA-vj4h-mg95-pj35",
  "modified": "2026-06-25T21:31:18Z",
  "published": "2026-05-27T15:33:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45863"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/140a45bd4f6db7d1b30cab967d29689b946c52fa"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2537089413514caaa9a5fdeeac3a34d45100f747"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8e71414e252c1cb235911008a98fd47927d3a55c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a2c41467ef42f69a3958493a0395ba75174710dc"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VJ66-RQM3-J78P

Vulnerability from github – Published: 2022-05-24 19:16 – Updated: 2022-05-24 19:16
VLAI
Details

A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management in the proxy service of an affected device. An attacker could exploit this vulnerability by establishing a large number of HTTPS connections to the affected device. A successful exploit could allow the attacker to cause the system to stop processing new connections, which could result in a DoS condition. Note: Manual intervention may be required to recover from this situation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-34698"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-10-06T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management in the proxy service of an affected device. An attacker could exploit this vulnerability by establishing a large number of HTTPS connections to the affected device. A successful exploit could allow the attacker to cause the system to stop processing new connections, which could result in a DoS condition. Note: Manual intervention may be required to recover from this situation.",
  "id": "GHSA-vj66-rqm3-j78p",
  "modified": "2022-05-24T19:16:41Z",
  "published": "2022-05-24T19:16:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34698"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-dos-fmHdKswk"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-VJ9R-GJ66-2WXF

Vulnerability from github – Published: 2022-05-24 19:03 – Updated: 2022-05-24 19:03
VLAI
Details

A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avpriv_float_dsp_allocl function in libavutil/float_dsp.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-22046"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-06-02T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avpriv_float_dsp_allocl function in libavutil/float_dsp.c.",
  "id": "GHSA-vj9r-gj66-2wxf",
  "modified": "2022-05-24T19:03:52Z",
  "published": "2022-05-24T19:03:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-22046"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html"
    },
    {
      "type": "WEB",
      "url": "https://trac.ffmpeg.org/ticket/8294"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-VJFQ-34VR-XPMM

Vulnerability from github – Published: 2025-06-10 18:32 – Updated: 2025-06-10 18:32
VLAI
Details

Missing release of memory after effective lifetime in Windows Cryptographic Services allows an unauthorized attacker to execute code over a network.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-29828"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-10T17:21:17Z",
    "severity": "HIGH"
  },
  "details": "Missing release of memory after effective lifetime in Windows Cryptographic Services allows an unauthorized attacker to execute code over a network.",
  "id": "GHSA-vjfq-34vr-xpmm",
  "modified": "2025-06-10T18:32:27Z",
  "published": "2025-06-10T18:32:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29828"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29828"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VJM5-V2MX-WQMV

Vulnerability from github – Published: 2026-03-25 12:30 – Updated: 2026-04-27 15:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

nfc: nci: complete pending data exchange on device close

In nci_close_device(), complete any pending data exchange before closing. The data exchange callback (e.g. rawsock_data_exchange_complete) holds a socket reference.

NIPA occasionally hits this leak:

unreferenced object 0xff1100000f435000 (size 2048): comm "nci_dev", pid 3954, jiffies 4295441245 hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 27 00 01 40 00 00 00 00 00 00 00 00 00 00 00 00 '..@............ backtrace (crc ec2b3c5): __kmalloc_noprof+0x4db/0x730 sk_prot_alloc.isra.0+0xe4/0x1d0 sk_alloc+0x36/0x760 rawsock_create+0xd1/0x540 nfc_sock_create+0x11f/0x280 __sock_create+0x22d/0x630 __sys_socket+0x115/0x1d0 __x64_sys_socket+0x72/0xd0 do_syscall_64+0x117/0xfc0 entry_SYSCALL_64_after_hwframe+0x4b/0x53

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-23330"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-25T11:16:30Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: nci: complete pending data exchange on device close\n\nIn nci_close_device(), complete any pending data exchange before\nclosing. The data exchange callback (e.g.\nrawsock_data_exchange_complete) holds a socket reference.\n\nNIPA occasionally hits this leak:\n\nunreferenced object 0xff1100000f435000 (size 2048):\n  comm \"nci_dev\", pid 3954, jiffies 4295441245\n  hex dump (first 32 bytes):\n    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n    27 00 01 40 00 00 00 00 00 00 00 00 00 00 00 00  \u0027..@............\n  backtrace (crc ec2b3c5):\n    __kmalloc_noprof+0x4db/0x730\n    sk_prot_alloc.isra.0+0xe4/0x1d0\n    sk_alloc+0x36/0x760\n    rawsock_create+0xd1/0x540\n    nfc_sock_create+0x11f/0x280\n    __sock_create+0x22d/0x630\n    __sys_socket+0x115/0x1d0\n    __x64_sys_socket+0x72/0xd0\n    do_syscall_64+0x117/0xfc0\n    entry_SYSCALL_64_after_hwframe+0x4b/0x53",
  "id": "GHSA-vjm5-v2mx-wqmv",
  "modified": "2026-04-27T15:30:29Z",
  "published": "2026-03-25T12:30:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23330"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/66083581945bd5b8e99fe49b5aeb83d03f62d053"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/702029337b057085ea13f964822dcd95e0fe53f5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/91ff0d8c3464da7f0c43da38c195e60b660128bf"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9df613ef6e8e873cdab969a11f74823488977f1f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d05f55d68ebdebb2b0a8480d766eaae88c8c92de"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VJQV-F876-5P65

Vulnerability from github – Published: 2022-05-24 17:00 – Updated: 2024-04-04 02:37
VLAI
Details

An exploitable vulnerability exists in the grsecurity PaX patch for the function read_kmem, in PaX from version pax-linux-4.9.8-test1 to 4.9.24-test7, grsecurity official from version grsecurity-3.1-4.9.8-201702060653 to grsecurity-3.1-4.9.24-201704252333, grsecurity unofficial from version v4.9.25-unofficialgrsec to v4.9.74-unofficialgrsec. PaX adds a temp buffer to the read_kmem function, which is never freed when an invalid address is supplied. This results in a memory leakage that can lead to a crash of the system. An attacker needs to induce a read to /dev/kmem using an invalid address to exploit this vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-5023"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401",
      "CWE-772"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-10-31T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An exploitable vulnerability exists in the grsecurity PaX patch for the function read_kmem, in PaX from version pax-linux-4.9.8-test1 to 4.9.24-test7, grsecurity official from version grsecurity-3.1-4.9.8-201702060653 to grsecurity-3.1-4.9.24-201704252333, grsecurity unofficial from version v4.9.25-unofficialgrsec to v4.9.74-unofficialgrsec. PaX adds a temp buffer to the read_kmem function, which is never freed when an invalid address is supplied. This results in a memory leakage that can lead to a crash of the system. An attacker needs to induce a read to /dev/kmem using an invalid address to exploit this vulnerability.",
  "id": "GHSA-vjqv-f876-5p65",
  "modified": "2024-04-04T02:37:20Z",
  "published": "2022-05-24T17:00:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5023"
    },
    {
      "type": "WEB",
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0784"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VJWQ-39RM-VJ29

Vulnerability from github – Published: 2025-09-15 15:31 – Updated: 2025-12-04 15:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

drivers: serial: jsm: fix some leaks in probe

This error path needs to unwind instead of just returning directly.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-50312"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-15T15:15:42Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: serial: jsm: fix some leaks in probe\n\nThis error path needs to unwind instead of just returning directly.",
  "id": "GHSA-vjwq-39rm-vj29",
  "modified": "2025-12-04T15:30:30Z",
  "published": "2025-09-15T15:31:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50312"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1d5859ef229e381f4db38dce8ed58e4bf862006b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3bf05c2650cf6b8d83bf0b0d808cc78c6ee7e84c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3ea1fd63fdf0e83b491c2a9f25b395aa0e4bf6e8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6066bd69ffba3a6abc7c0793ccba1da79b7d77e3"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6be8e565a4a60530797a974d0a3d0e30656166a1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/71ffe5111f0ffa2fd43c14fd176c6f05d4e82212"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/737594536dc3ce732976c0d84bb1dcc842065521"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/744c2d33a88b082d9d504520f0132b3d688547b2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ff9a5e50fb1910be33e62925bc7ee3bef474879e"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VM7F-W6GX-MXH8

Vulnerability from github – Published: 2024-08-22 03:31 – Updated: 2024-08-27 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

thermal: int340x: fix memory leak in int3400_notify()

It is easy to hit the below memory leaks in my TigerLake platform:

unreferenced object 0xffff927c8b91dbc0 (size 32): comm "kworker/0:2", pid 112, jiffies 4294893323 (age 83.604s) hex dump (first 32 bytes): 4e 41 4d 45 3d 49 4e 54 33 34 30 30 20 54 68 65 NAME=INT3400 The 72 6d 61 6c 00 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b a5 rmal.kkkkkkkkkk. backtrace: [] __kmalloc_track_caller+0x2fe/0x4a0 [] kvasprintf+0x65/0xd0 [] kasprintf+0x4e/0x70 [] int3400_notify+0x82/0x120 [int3400_thermal] [] acpi_ev_notify_dispatch+0x54/0x71 [] acpi_os_execute_deferred+0x17/0x30 [] process_one_work+0x21a/0x3f0 [] worker_thread+0x4a/0x3b0 [] kthread+0xfd/0x130 [] ret_from_fork+0x1f/0x30

Fix it by calling kfree() accordingly.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-48924"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-22T02:15:08Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: int340x: fix memory leak in int3400_notify()\n\nIt is easy to hit the below memory leaks in my TigerLake platform:\n\nunreferenced object 0xffff927c8b91dbc0 (size 32):\n  comm \"kworker/0:2\", pid 112, jiffies 4294893323 (age 83.604s)\n  hex dump (first 32 bytes):\n    4e 41 4d 45 3d 49 4e 54 33 34 30 30 20 54 68 65  NAME=INT3400 The\n    72 6d 61 6c 00 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b a5  rmal.kkkkkkkkkk.\n  backtrace:\n    [\u003cffffffff9c502c3e\u003e] __kmalloc_track_caller+0x2fe/0x4a0\n    [\u003cffffffff9c7b7c15\u003e] kvasprintf+0x65/0xd0\n    [\u003cffffffff9c7b7d6e\u003e] kasprintf+0x4e/0x70\n    [\u003cffffffffc04cb662\u003e] int3400_notify+0x82/0x120 [int3400_thermal]\n    [\u003cffffffff9c8b7358\u003e] acpi_ev_notify_dispatch+0x54/0x71\n    [\u003cffffffff9c88f1a7\u003e] acpi_os_execute_deferred+0x17/0x30\n    [\u003cffffffff9c2c2c0a\u003e] process_one_work+0x21a/0x3f0\n    [\u003cffffffff9c2c2e2a\u003e] worker_thread+0x4a/0x3b0\n    [\u003cffffffff9c2cb4dd\u003e] kthread+0xfd/0x130\n    [\u003cffffffff9c201c1f\u003e] ret_from_fork+0x1f/0x30\n\nFix it by calling kfree() accordingly.",
  "id": "GHSA-vm7f-w6gx-mxh8",
  "modified": "2024-08-27T18:31:36Z",
  "published": "2024-08-22T03:31:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48924"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2e798814e01827871938ff172d2b2ccf1e74b355"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/33c73a4d7e7b19313a6b417152f5365016926418"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3abea10e6a8f0e7804ed4c124bea2d15aca977c8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ba9efbbf6745750d34c1e87c9539ce9db645ca0a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c3fa6d1937a8d0828131a04ae2cd2c30d0668693"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e098933866f9e1dd3ef4eebbe2e3d504f970f599"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f0ddc5184b0127038d05008e2a69f89d1e13f980"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VM7P-QHQQ-3564

Vulnerability from github – Published: 2025-09-18 18:30 – Updated: 2025-12-11 18:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: snic: Fix possible memory leak if device_add() fails

If device_add() returns error, the name allocated by dev_set_name() needs be freed. As the comment of device_add() says, put_device() should be used to give up the reference in the error path. So fix this by calling put_device(), then the name can be freed in kobject_cleanp().

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-53436"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-18T16:15:47Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: snic: Fix possible memory leak if device_add() fails\n\nIf device_add() returns error, the name allocated by dev_set_name() needs\nbe freed. As the comment of device_add() says, put_device() should be used\nto give up the reference in the error path. So fix this by calling\nput_device(), then the name can be freed in kobject_cleanp().",
  "id": "GHSA-vm7p-qhqq-3564",
  "modified": "2025-12-11T18:30:34Z",
  "published": "2025-09-18T18:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53436"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/41320b18a0e0dfb236dba4edb9be12dba1878156"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/461f8ac666fa232afee5ed6420099913ec4e4ba2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/58889d5ad74cbc1c9595db74e13522b58b69b0ec"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7723a5d5d187626c4c640842e522cf4e9e39492e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/789275f7c0544374d40bc8d9c81f96751a41df45"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cea09922f5f75652d55b481ee34011fc7f19868b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ed0acb1ee2e9322b96611635a9ca9303d15ac76c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f830968d464f55e11bc9260a132fc77daa266aa3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-41
Implementation

Strategy: Libraries or Frameworks

  • Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
  • For example, glibc in Linux provides protection against free of invalid pointers.
  • When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
  • To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Architecture and Design

Use an abstraction library to abstract away risky APIs. Not a complete solution.

Mitigation
Architecture and Design Build and Compilation

Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.

No CAPEC attack patterns related to this CWE.