Common Weakness Enumeration

CWE-401

Allowed

Missing Release of Memory after Effective Lifetime

Abstraction: Variant · Status: Draft

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

2002 vulnerabilities reference this CWE, most recent first.

GHSA-5CPJ-J8XH-5RGH

Vulnerability from github – Published: 2026-03-25 18:31 – Updated: 2026-03-25 18:31
VLAI
Details

A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition on an affected device.

This vulnerability is due to improper parsing of IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device. A successful exploit of Cisco IOS Software and IOS XE Software could allow the attacker to cause the affected device to reload, resulting in a DoS condition. A successful exploit of Cisco Secure Firewall ASA Software and Secure FTD Software could allow the attacker to partially exhaust system memory, resulting in system instability, such as the inability to establish new IKEv2 VPN sessions. A manual reboot of the device is required to recover from this condition.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-20012"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-25T16:16:10Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition on an affected device.\n\n This vulnerability is due to improper parsing of IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device. A successful exploit of Cisco IOS Software and IOS XE Software could allow the attacker to cause the affected device to reload, resulting in a DoS condition. A successful exploit of Cisco Secure Firewall ASA Software and Secure FTD Software could allow the attacker to partially exhaust system memory, resulting in system instability, such as the inability to establish new IKEv2 VPN sessions. A manual reboot of the device is required to recover from this condition.",
  "id": "GHSA-5cpj-j8xh-5rgh",
  "modified": "2026-03-25T18:31:46Z",
  "published": "2026-03-25T18:31:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20012"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ios-dos-kPEpQGGK"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5CQV-55PW-MRCP

Vulnerability from github – Published: 2022-05-24 19:20 – Updated: 2022-05-24 19:20
VLAI
Details

pdf2xml v2.0 was discovered to contain a memory leak in the function TextPage::testLinkedText.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-23876"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-11-10T22:15:00Z",
    "severity": "HIGH"
  },
  "details": "pdf2xml v2.0 was discovered to contain a memory leak in the function TextPage::testLinkedText.",
  "id": "GHSA-5cqv-55pw-mrcp",
  "modified": "2022-05-24T19:20:14Z",
  "published": "2022-05-24T19:20:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-23876"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kermitt2/pdf2xml/issues/14"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Aurorainfinity/Poc/tree/master/pdf2xml"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-5CRP-HWJ6-6WWW

Vulnerability from github – Published: 2026-03-18 18:31 – Updated: 2026-05-29 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

regmap: maple: free entry on mas_store_gfp() failure

regcache_maple_write() allocates a new block ('entry') to merge adjacent ranges and then stores it with mas_store_gfp(). When mas_store_gfp() fails, the new 'entry' remains allocated and is never freed, leaking memory.

Free 'entry' on the failure path; on success continue freeing the replaced neighbor blocks ('lower', 'upper').

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-23260"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-18T18:16:24Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nregmap: maple: free entry on mas_store_gfp() failure\n\nregcache_maple_write() allocates a new block (\u0027entry\u0027) to merge\nadjacent ranges and then stores it with mas_store_gfp().\nWhen mas_store_gfp() fails, the new \u0027entry\u0027 remains allocated and\nis never freed, leaking memory.\n\nFree \u0027entry\u0027 on the failure path; on success continue freeing the\nreplaced neighbor blocks (\u0027lower\u0027, \u0027upper\u0027).",
  "id": "GHSA-5crp-hwj6-6www",
  "modified": "2026-05-29T21:31:16Z",
  "published": "2026-03-18T18:31:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23260"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/811b45e2d795d955bb7fd9c816b40036f4fde350"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d61171cf097156030142643942c217759a9cc806"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f08f2d2907675926ac5657b25f86d921f269602a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f3f380ce6b3d5c9805c7e0b3d5bc28d9ec41e2e8"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5CVC-J2XM-H554

Vulnerability from github – Published: 2022-05-24 17:05 – Updated: 2025-12-03 21:30
VLAI
Details

xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-19956"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401",
      "CWE-772"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-12-24T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc-\u003eoldNs.",
  "id": "GHSA-5cvc-j2xm-h554",
  "modified": "2025-12-03T21:30:58Z",
  "published": "2022-05-24T17:05:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19956"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.gnome.org/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00032.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20200114-0002"
    },
    {
      "type": "WEB",
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-08"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4274-1"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00047.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00005.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5F6G-Q8F6-3C5X

Vulnerability from github – Published: 2024-02-28 09:30 – Updated: 2024-12-12 18:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

mt76: mt7915: fix tx skb dma unmap

The first pointer in the txp needs to be unmapped as well, otherwise it will leak DMA mapping entries

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-47032"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-28T09:15:39Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmt76: mt7915: fix tx skb dma unmap\n\nThe first pointer in the txp needs to be unmapped as well, otherwise it will\nleak DMA mapping entries",
  "id": "GHSA-5f6g-q8f6-3c5x",
  "modified": "2024-12-12T18:30:49Z",
  "published": "2024-02-28T09:30:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47032"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4a9dcd6efb2a268fc5707dcfb3b0c412975c4462"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4e7914ce23306b28d377ec395e00e5fde0e6f96e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7dcf3c04f0aca746517a77433b33d40868ca4749"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e2cdc9cb33c5963efe1a7c022753386f9463d1b7"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5FX7-QFG5-MPMC

Vulnerability from github – Published: 2024-02-27 21:31 – Updated: 2025-01-08 18:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

ovl: fix leaked dentry

Since commit 6815f479ca90 ("ovl: use only uppermetacopy state in ovl_lookup()"), overlayfs doesn't put temporary dentry when there is a metacopy error, which leads to dentry leaks when shutting down the related superblock:

overlayfs: refusing to follow metacopy origin for (/file0) ... BUG: Dentry (_ptrval_){i=3f33,n=file3} still in use (1) [unmount of overlay overlay] ... WARNING: CPU: 1 PID: 432 at umount_check.cold+0x107/0x14d CPU: 1 PID: 432 Comm: unmount-overlay Not tainted 5.12.0-rc5 #1 ... RIP: 0010:umount_check.cold+0x107/0x14d ... Call Trace: d_walk+0x28c/0x950 ? dentry_lru_isolate+0x2b0/0x2b0 ? __kasan_slab_free+0x12/0x20 do_one_tree+0x33/0x60 shrink_dcache_for_umount+0x78/0x1d0 generic_shutdown_super+0x70/0x440 kill_anon_super+0x3e/0x70 deactivate_locked_super+0xc4/0x160 deactivate_super+0xfa/0x140 cleanup_mnt+0x22e/0x370 __cleanup_mnt+0x1a/0x30 task_work_run+0x139/0x210 do_exit+0xb0c/0x2820 ? __kasan_check_read+0x1d/0x30 ? find_held_lock+0x35/0x160 ? lock_release+0x1b6/0x660 ? mm_update_next_owner+0xa20/0xa20 ? reacquire_held_locks+0x3f0/0x3f0 ? __sanitizer_cov_trace_const_cmp4+0x22/0x30 do_group_exit+0x135/0x380 __do_sys_exit_group.isra.0+0x20/0x20 __x64_sys_exit_group+0x3c/0x50 do_syscall_64+0x45/0x70 entry_SYSCALL_64_after_hwframe+0x44/0xae ... VFS: Busy inodes after unmount of overlay. Self-destruct in 5 seconds. Have a nice day...

This fix has been tested with a syzkaller reproducer.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-46972"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-27T19:04:07Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: fix leaked dentry\n\nSince commit 6815f479ca90 (\"ovl: use only uppermetacopy state in\novl_lookup()\"), overlayfs doesn\u0027t put temporary dentry when there is a\nmetacopy error, which leads to dentry leaks when shutting down the related\nsuperblock:\n\n  overlayfs: refusing to follow metacopy origin for (/file0)\n  ...\n  BUG: Dentry (____ptrval____){i=3f33,n=file3}  still in use (1) [unmount of overlay overlay]\n  ...\n  WARNING: CPU: 1 PID: 432 at umount_check.cold+0x107/0x14d\n  CPU: 1 PID: 432 Comm: unmount-overlay Not tainted 5.12.0-rc5 #1\n  ...\n  RIP: 0010:umount_check.cold+0x107/0x14d\n  ...\n  Call Trace:\n   d_walk+0x28c/0x950\n   ? dentry_lru_isolate+0x2b0/0x2b0\n   ? __kasan_slab_free+0x12/0x20\n   do_one_tree+0x33/0x60\n   shrink_dcache_for_umount+0x78/0x1d0\n   generic_shutdown_super+0x70/0x440\n   kill_anon_super+0x3e/0x70\n   deactivate_locked_super+0xc4/0x160\n   deactivate_super+0xfa/0x140\n   cleanup_mnt+0x22e/0x370\n   __cleanup_mnt+0x1a/0x30\n   task_work_run+0x139/0x210\n   do_exit+0xb0c/0x2820\n   ? __kasan_check_read+0x1d/0x30\n   ? find_held_lock+0x35/0x160\n   ? lock_release+0x1b6/0x660\n   ? mm_update_next_owner+0xa20/0xa20\n   ? reacquire_held_locks+0x3f0/0x3f0\n   ? __sanitizer_cov_trace_const_cmp4+0x22/0x30\n   do_group_exit+0x135/0x380\n   __do_sys_exit_group.isra.0+0x20/0x20\n   __x64_sys_exit_group+0x3c/0x50\n   do_syscall_64+0x45/0x70\n   entry_SYSCALL_64_after_hwframe+0x44/0xae\n  ...\n  VFS: Busy inodes after unmount of overlay. Self-destruct in 5 seconds.  Have a nice day...\n\nThis fix has been tested with a syzkaller reproducer.",
  "id": "GHSA-5fx7-qfg5-mpmc",
  "modified": "2025-01-08T18:30:40Z",
  "published": "2024-02-27T21:31:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46972"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/71d58457a8afc650da5d3292a7f7029317654d95"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cf3e3330bc5719fa9d658e3e2f596bde89344a94"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d587cfaef72b1b6f4b2774827123bce91f497cc8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/eaab1d45cdb4bb0c846bd23c3d666d5b90af7b41"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5G4G-HGMR-MQRX

Vulnerability from github – Published: 2024-05-22 09:31 – Updated: 2024-11-06 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

NFC: digital: fix possible memory leak in digital_tg_listen_mdaa()

'params' is allocated in digital_tg_listen_mdaa(), but not free when digital_send_cmd() failed, which will cause memory leak. Fix it by freeing 'params' if digital_send_cmd() return failed.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-47443"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-22T07:15:09Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: digital: fix possible memory leak in digital_tg_listen_mdaa()\n\n\u0027params\u0027 is allocated in digital_tg_listen_mdaa(), but not free when\ndigital_send_cmd() failed, which will cause memory leak. Fix it by\nfreeing \u0027params\u0027 if digital_send_cmd() return failed.",
  "id": "GHSA-5g4g-hgmr-mqrx",
  "modified": "2024-11-06T18:31:04Z",
  "published": "2024-05-22T09:31:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47443"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3f2960b39f22e26cf8addae93c3f5884d1c183c9"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/429054ec51e648d241a7e0b465cf44f6633334c5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/564249219e5b5673a8416b5181875d828c3f1e8c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/58e7dcc9ca29c14e44267a4d0ea61e3229124907"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7ab488d7228a9dceb2456867f1f0919decf6efed"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9881b0c860649f27ef2565deef011e516390f416"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a67d47e32c91e2b10402cb8c081774cbf08edb2e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b7b023e6ff567e991c31cd425b0e1d16779c938b"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5G6F-MMX7-RP64

Vulnerability from github – Published: 2024-10-21 21:30 – Updated: 2025-11-04 00:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

exfat: fix memory leak in exfat_load_bitmap()

If the first directory entry in the root directory is not a bitmap directory entry, 'bh' will not be released and reassigned, which will cause a memory leak.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-50013"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-21T19:15:04Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: fix memory leak in exfat_load_bitmap()\n\nIf the first directory entry in the root directory is not a bitmap\ndirectory entry, \u0027bh\u0027 will not be released and reassigned, which\nwill cause a memory leak.",
  "id": "GHSA-5g6f-mmx7-rp64",
  "modified": "2025-11-04T00:31:45Z",
  "published": "2024-10-21T21:30:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50013"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4e1813e52f86eb8db0c6c9570251f2fcbc571f5d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/89081e8407e637463db5880d168e3652fb9f4330"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bf0b3b35259475d1fe377bcaa565488e26684f7a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d2b537b3e533f28e0d97293fe9293161fe8cd137"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/dca359db1eb37f334267ebd7e3cab9a66d191d5b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ddf704c2ce3b73f38d2dd8cf1bb0f7ec038bdf63"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f692160d3e1e5450605071b8df8f7d08d9b09a83"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5G8H-G27F-MH64

Vulnerability from github – Published: 2025-07-25 15:30 – Updated: 2025-11-19 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

nvmet: fix memory leak of bio integrity

If nvmet receives commands with metadata there is a continuous memory leak of kmalloc-128 slab or more precisely bio->bi_integrity.

Since commit bf4c89fc8797 ("block: don't call bio_uninit from bio_endio") each user of bio_init has to use bio_uninit as well. Otherwise the bio integrity is not getting free. Nvmet uses bio_init for inline bios.

Uninit the inline bio to complete deallocation of integrity in bio.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-38405"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-25T14:15:32Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: fix memory leak of bio integrity\n\nIf nvmet receives commands with metadata there is a continuous memory\nleak of kmalloc-128 slab or more precisely bio-\u003ebi_integrity.\n\nSince commit bf4c89fc8797 (\"block: don\u0027t call bio_uninit from bio_endio\")\neach user of bio_init has to use bio_uninit as well. Otherwise the bio\nintegrity is not getting free. Nvmet uses bio_init for inline bios.\n\nUninit the inline bio to complete deallocation of integrity in bio.",
  "id": "GHSA-5g8h-g27f-mh64",
  "modified": "2025-11-19T18:31:16Z",
  "published": "2025-07-25T15:30:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38405"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/190f4c2c863af7cc5bb354b70e0805f06419c038"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2e2028fcf924d1c6df017033c8d6e28b735a0508"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/431e58d56fcb5ff1f9eb630724a922e0d2a941df"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5GVG-FGGQ-R6F6

Vulnerability from github – Published: 2024-07-11 18:31 – Updated: 2025-04-11 15:32
VLAI
Details

A Missing Release of Memory after Effective Lifetime vulnerability in Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS).

In a subscriber management scenario continuous subscriber logins will trigger a memory leak and eventually lead to an FPC crash and restart.

This issue affects Junos OS on MX Series:

  • All version before 21.2R3-S6,
  • 21.4 versions before 21.4R3-S6,
  • 22.1 versions before 22.1R3-S5,
  • 22.2 versions before 22.2R3-S3, 
  • 22.3 versions before 22.3R3-S2,
  • 22.4 versions before 22.4R3,
  • 23.2 versions before 23.2R2.
Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-39539"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-11T17:15:12Z",
    "severity": "MODERATE"
  },
  "details": "A Missing Release of Memory after Effective Lifetime vulnerability in Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a\u00a0Denial-of-Service (DoS).\n\nIn a subscriber management scenario continuous subscriber logins will trigger a memory leak and eventually lead to an FPC crash and restart.\n\nThis issue affects Junos OS on MX Series:\n\n\n\n  *  All version before 21.2R3-S6,\n  *  21.4 versions before 21.4R3-S6,\n  *  22.1 versions before 22.1R3-S5,\n  *  22.2 versions before 22.2R3-S3,\u00a0\n  *  22.3 versions before 22.3R3-S2,\n  *  22.4 versions before 22.4R3,\n  *  23.2 versions before 23.2R2.",
  "id": "GHSA-5gvg-fggq-r6f6",
  "modified": "2025-04-11T15:32:22Z",
  "published": "2024-07-11T18:31:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39539"
    },
    {
      "type": "WEB",
      "url": "https://supportportal.juniper.net/JSA82999"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

Mitigation MIT-41
Implementation

Strategy: Libraries or Frameworks

  • Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
  • For example, glibc in Linux provides protection against free of invalid pointers.
  • When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
  • To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Architecture and Design

Use an abstraction library to abstract away risky APIs. Not a complete solution.

Mitigation
Architecture and Design Build and Compilation

Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.

No CAPEC attack patterns related to this CWE.