CWE-401
AllowedMissing Release of Memory after Effective Lifetime
Abstraction: Variant · Status: Draft
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
2002 vulnerabilities reference this CWE, most recent first.
GHSA-W9C2-JF2X-M4CC
Vulnerability from github – Published: 2025-05-02 18:31 – Updated: 2025-11-10 18:30In the Linux kernel, the following vulnerability has been resolved:
scsi: mpi3mr: Fix sas_hba.phy memory leak in mpi3mr_remove()
Free mrioc->sas_hba.phy at .remove.
{
"affected": [],
"aliases": [
"CVE-2023-53126"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-02T16:15:31Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpi3mr: Fix sas_hba.phy memory leak in mpi3mr_remove()\n\nFree mrioc-\u003esas_hba.phy at .remove.",
"id": "GHSA-w9c2-jf2x-m4cc",
"modified": "2025-11-10T18:30:29Z",
"published": "2025-05-02T18:31:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53126"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/480aae2f30637b5140e9c7a9b10298e538df2b5e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c60a7c7508645a9f36e4a18a5f548fb79378acd1"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d4caa1a4255cc44be56bcab3db2c97c632e6cc10"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-W9JF-3RVW-RJRV
Vulnerability from github – Published: 2022-05-02 04:00 – Updated: 2025-04-11 03:50Memory leak in the embedded_profile_len function in pngwutil.c in libpng before 1.2.39beta5 allows context-dependent attackers to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length. NOTE: this is due to an incomplete fix for CVE-2006-7244.
{
"affected": [],
"aliases": [
"CVE-2009-5063"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2011-08-31T23:55:00Z",
"severity": "MODERATE"
},
"details": "Memory leak in the embedded_profile_len function in pngwutil.c in libpng before 1.2.39beta5 allows context-dependent attackers to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length. NOTE: this is due to an incomplete fix for CVE-2006-7244.",
"id": "GHSA-w9jf-3rvw-rjrv",
"modified": "2025-04-11T03:50:10Z",
"published": "2022-05-02T04:00:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-5063"
},
{
"type": "WEB",
"url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=948ee23a2a400672b1751cfc646a7467741e9b2e#patch18"
},
{
"type": "WEB",
"url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=948ee23a2a400672b1751cfc646a7467741e9b2e#patch18"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/49660"
},
{
"type": "WEB",
"url": "http://security.gentoo.org/glsa/glsa-201206-15.xml"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2011/03/22/7"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2011/03/28/6"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-W9R3-FW4F-W35F
Vulnerability from github – Published: 2025-03-18 21:31 – Updated: 2025-03-18 21:31In the Linux kernel, the following vulnerability has been resolved:
samples/landlock: Fix path_list memory leak
Clang static analysis reports this error
sandboxer.c:134:8: warning: Potential leak of memory pointed to by 'path_list' ret = 0; ^ path_list is allocated in parse_path() but never freed.
{
"affected": [],
"aliases": [
"CVE-2021-47654"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-26T06:37:07Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nsamples/landlock: Fix path_list memory leak\n\nClang static analysis reports this error\n\nsandboxer.c:134:8: warning: Potential leak of memory\n pointed to by \u0027path_list\u0027\n ret = 0;\n ^\npath_list is allocated in parse_path() but never freed.",
"id": "GHSA-w9r3-fw4f-w35f",
"modified": "2025-03-18T21:31:58Z",
"published": "2025-03-18T21:31:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47654"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/017196730299ccd6eed24bbfabed8af4ffd81530"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/20fbf100f84b9aeb9c91421abe1927bc152bc32b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/49b0d8bf05809df5f87e5c03e26d74bdfdab4571"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/66b513b7c64a7290c1fbb88e657f7cece992e131"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WCFX-JCHH-3334
Vulnerability from github – Published: 2025-10-01 12:30 – Updated: 2026-01-16 21:30In the Linux kernel, the following vulnerability has been resolved:
ext4: fix leaking uninitialized memory in fast-commit journal
When space at the end of fast-commit journal blocks is unused, make sure to zero it out so that uninitialized memory is not leaked to disk.
{
"affected": [],
"aliases": [
"CVE-2022-50465"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-01T12:15:40Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix leaking uninitialized memory in fast-commit journal\n\nWhen space at the end of fast-commit journal blocks is unused, make sure\nto zero it out so that uninitialized memory is not leaked to disk.",
"id": "GHSA-wcfx-jchh-3334",
"modified": "2026-01-16T21:30:29Z",
"published": "2025-10-01T12:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50465"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/594bc43b410316d70bb42aeff168837888d96810"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7c1fb65e8ce85c281d2cba9c236f9edbbc4eaca6"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/871800770d7f2f952c7249ad52485c3564dab44e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b8b7922374b00a44137e5bcdd46ef86c8b065f27"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d9ba03eb03dc2dccb5450de388ea46bdcaaf8348"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WCMX-9W9J-Q7PH
Vulnerability from github – Published: 2026-04-10 00:30 – Updated: 2026-04-10 00:30A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service (DoS).
In an EVPN-MPLS scenario, routes learned from remote multi-homed Provider Edge (PE) devices are programmed as ESI routes. Due to a logic issue in the l2ald memory management, memory allocated for these routes is not released when there is churn for these routes. As a result, memory leaks in the l2ald process which will ultimately lead to a crash and restart of l2ald.
Use the following command to monitor the memory consumption by l2ald:
user@device> show system process extensive | match "PID|l2ald"
This issue affects:
Junos OS:
- all versions before 22.4R3-S5,
- 23.2 versions before 23.2R2-S3,
- 23.4 versions before 23.4R2-S4,
- 24.2 versions before 24.2R2;
Junos OS Evolved:
- all versions before 22.4R3-S5-EVO,
- 23.2 versions before 23.2R2-S3-EVO,
- 23.4 versions before 23.4R2-S4-EVO,
- 24.2 versions before 24.2R2-EVO.
{
"affected": [],
"aliases": [
"CVE-2026-33780"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-09T22:16:26Z",
"severity": "HIGH"
},
"details": "A Missing Release of Memory after Effective Lifetime vulnerability in the\u00a0Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service (DoS).\n\n\n\nIn an EVPN-MPLS scenario, routes learned from remote multi-homed Provider Edge (PE) devices are programmed as ESI routes. Due to a logic issue in the l2ald memory management, memory allocated for these routes is not released when there is churn for these routes. As a result, memory leaks in the l2ald process which will ultimately lead to a crash and restart of l2ald.\n\nUse the following command to monitor the memory consumption by l2ald:\n\nuser@device\u003e show system process extensive | match \"PID|l2ald\" \n\n\n\nThis issue affects:\n\nJunos OS:\n\n\n\n * all versions before 22.4R3-S5,\n * 23.2 versions before 23.2R2-S3,\n * 23.4 versions before 23.4R2-S4,\n * 24.2 versions before 24.2R2;\n\n\n\n\nJunos OS Evolved:\n\n\n\n * all versions before 22.4R3-S5-EVO,\n * 23.2 versions before 23.2R2-S3-EVO,\n * 23.4 versions before 23.4R2-S4-EVO,\n * 24.2 versions before 24.2R2-EVO.",
"id": "GHSA-wcmx-9w9j-q7ph",
"modified": "2026-04-10T00:30:29Z",
"published": "2026-04-10T00:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33780"
},
{
"type": "WEB",
"url": "https://kb.juniper.net/JSA107819"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:M/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-WF7V-V54Q-4Q9X
Vulnerability from github – Published: 2022-05-24 17:01 – Updated: 2024-03-21 03:33A memory leak in the nfp_abm_u32_knode_replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service (memory consumption), aka CID-78beef629fd9.
{
"affected": [],
"aliases": [
"CVE-2019-19076"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-11-18T06:15:00Z",
"severity": "HIGH"
},
"details": "A memory leak in the nfp_abm_u32_knode_replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service (memory consumption), aka CID-78beef629fd9.",
"id": "GHSA-wf7v-v54q-4q9x",
"modified": "2024-03-21T03:33:48Z",
"published": "2022-05-24T17:01:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19076"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/78beef629fd95be4ed853b2d37b832f766bd96ca"
},
{
"type": "WEB",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.6"
},
{
"type": "WEB",
"url": "https://git.kernel.org/linus/1d1997db870f4058676439ef7014390ba9e24eb2"
},
{
"type": "WEB",
"url": "https://lore.kernel.org/lkml/20191204103955.63c4d9af%40cakuba.netronome.com"
},
{
"type": "WEB",
"url": "https://lore.kernel.org/lkml/20191204103955.63c4d9af@cakuba.netronome.com"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20191205-0001"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4209-1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WFG8-CWX5-W8XC
Vulnerability from github – Published: 2022-05-13 01:22 – Updated: 2022-05-13 01:22sc_context_create in ctx.c in libopensc in OpenSC 0.19.0 has a memory leak, as demonstrated by a call from eidenv.
{
"affected": [],
"aliases": [
"CVE-2019-6502"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-01-22T08:29:00Z",
"severity": "HIGH"
},
"details": "sc_context_create in ctx.c in libopensc in OpenSC 0.19.0 has a memory leak, as demonstrated by a call from eidenv.",
"id": "GHSA-wfg8-cwx5-w8xc",
"modified": "2022-05-13T01:22:42Z",
"published": "2022-05-13T01:22:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6502"
},
{
"type": "WEB",
"url": "https://github.com/OpenSC/OpenSC/issues/1586"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00025.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2019/12/29/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WFX3-6G53-9FGC
Vulnerability from github – Published: 2026-02-25 19:13 – Updated: 2026-06-24 13:09A memory leak vulnerability exists in multiple coders that write raw pixel data where an object is not freed.
Direct leak of 160 byte(s) in 1 object(s) allocated from:
{
"affected": [
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-AnyCPU"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.10.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-HDRI-AnyCPU"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.10.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-HDRI-OpenMP-arm64"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.10.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-HDRI-OpenMP-x64"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.10.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-HDRI-arm64"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.10.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-HDRI-x64"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.10.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-HDRI-x86"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.10.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-OpenMP-arm64"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.10.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-OpenMP-x64"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.10.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-OpenMP-x86"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.10.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-arm64"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.10.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-x64"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.10.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q16-x86"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.10.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q8-AnyCPU"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.10.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q8-OpenMP-arm64"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.10.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q8-OpenMP-x64"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.10.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q8-arm64"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.10.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q8-x64"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.10.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Magick.NET-Q8-x86"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "14.10.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-56368"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": true,
"github_reviewed_at": "2026-02-25T19:13:32Z",
"nvd_published_at": null,
"severity": "LOW"
},
"details": "A memory leak vulnerability exists in multiple coders that write raw pixel data where an object is not freed. \n\n```\nDirect leak of 160 byte(s) in 1 object(s) allocated from:\n```",
"id": "GHSA-wfx3-6g53-9fgc",
"modified": "2026-06-24T13:09:44Z",
"published": "2026-02-25T19:13:32Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wfx3-6g53-9fgc"
},
{
"type": "WEB",
"url": "https://github.com/ImageMagick/ImageMagick/commit/fe0a49a58ac5b7a18ff2618b6207dcad71123e43"
},
{
"type": "PACKAGE",
"url": "https://github.com/ImageMagick/ImageMagick"
},
{
"type": "WEB",
"url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
],
"summary": "ImageMagick: Memory Leak in multiple coders that write raw pixel data "
}
GHSA-WFX4-V2WF-4GMP
Vulnerability from github – Published: 2026-06-25 09:31 – Updated: 2026-07-02 21:32In the Linux kernel, the following vulnerability has been resolved:
tee: shm: fix shm leak in register_shm_helper()
register_shm_helper() allocates shm before calling iov_iter_npages(). If iov_iter_npages() returns 0, the function jumps to err_ctx_put and leaks shm.
This can be triggered by TEE_IOC_SHM_REGISTER with struct tee_ioctl_shm_register_data where length is 0.
Jump to err_free_shm instead.
{
"affected": [],
"aliases": [
"CVE-2026-53210"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-25T09:16:38Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ntee: shm: fix shm leak in register_shm_helper()\n\nregister_shm_helper() allocates shm before calling\niov_iter_npages(). If iov_iter_npages() returns 0, the function\njumps to err_ctx_put and leaks shm.\n\nThis can be triggered by TEE_IOC_SHM_REGISTER with\nstruct tee_ioctl_shm_register_data where length is 0.\n\nJump to err_free_shm instead.",
"id": "GHSA-wfx4-v2wf-4gmp",
"modified": "2026-07-02T21:32:04Z",
"published": "2026-06-25T09:31:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53210"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/26682f5efc276e3ad96d102019472bfbf03833b2"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4277759906b44d923a38c8f59f5576501b187b0d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c10c9c48b2903f41ed4c532043b0576e86228236"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/dbf779db927414f5b37c1f666013e9b48a88cfde"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WG8P-RR8X-VM7C
Vulnerability from github – Published: 2026-01-31 12:30 – Updated: 2026-03-25 21:30In the Linux kernel, the following vulnerability has been resolved:
dmaengine: sh: rz-dmac: fix device leak on probe failure
Make sure to drop the reference taken when looking up the ICU device during probe also on probe failures (e.g. probe deferral).
{
"affected": [],
"aliases": [
"CVE-2025-71187"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-31T12:16:03Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: sh: rz-dmac: fix device leak on probe failure\n\nMake sure to drop the reference taken when looking up the ICU device\nduring probe also on probe failures (e.g. probe deferral).",
"id": "GHSA-wg8p-rr8x-vm7c",
"modified": "2026-03-25T21:30:24Z",
"published": "2026-01-31T12:30:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-71187"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/926d1666420c227eab50962a8622c1b8444720e8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9fb490323997dcb6f749cd2660a17a39854600cd"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-41
Strategy: Libraries or Frameworks
- Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
- For example, glibc in Linux provides protection against free of invalid pointers.
- When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
- To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Use an abstraction library to abstract away risky APIs. Not a complete solution.
Mitigation
Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.
No CAPEC attack patterns related to this CWE.