CWE-401
AllowedMissing Release of Memory after Effective Lifetime
Abstraction: Variant · Status: Draft
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
2002 vulnerabilities reference this CWE, most recent first.
GHSA-5CPJ-J8XH-5RGH
Vulnerability from github – Published: 2026-03-25 18:31 – Updated: 2026-03-25 18:31A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition on an affected device.
This vulnerability is due to improper parsing of IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device. A successful exploit of Cisco IOS Software and IOS XE Software could allow the attacker to cause the affected device to reload, resulting in a DoS condition. A successful exploit of Cisco Secure Firewall ASA Software and Secure FTD Software could allow the attacker to partially exhaust system memory, resulting in system instability, such as the inability to establish new IKEv2 VPN sessions. A manual reboot of the device is required to recover from this condition.
{
"affected": [],
"aliases": [
"CVE-2026-20012"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-25T16:16:10Z",
"severity": "HIGH"
},
"details": "A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition on an affected device.\n\n This vulnerability is due to improper parsing of IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device. A successful exploit of Cisco IOS Software and IOS XE Software could allow the attacker to cause the affected device to reload, resulting in a DoS condition. A successful exploit of Cisco Secure Firewall ASA Software and Secure FTD Software could allow the attacker to partially exhaust system memory, resulting in system instability, such as the inability to establish new IKEv2 VPN sessions. A manual reboot of the device is required to recover from this condition.",
"id": "GHSA-5cpj-j8xh-5rgh",
"modified": "2026-03-25T18:31:46Z",
"published": "2026-03-25T18:31:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20012"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ios-dos-kPEpQGGK"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-5CQV-55PW-MRCP
Vulnerability from github – Published: 2022-05-24 19:20 – Updated: 2022-05-24 19:20pdf2xml v2.0 was discovered to contain a memory leak in the function TextPage::testLinkedText.
{
"affected": [],
"aliases": [
"CVE-2020-23876"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-11-10T22:15:00Z",
"severity": "HIGH"
},
"details": "pdf2xml v2.0 was discovered to contain a memory leak in the function TextPage::testLinkedText.",
"id": "GHSA-5cqv-55pw-mrcp",
"modified": "2022-05-24T19:20:14Z",
"published": "2022-05-24T19:20:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-23876"
},
{
"type": "WEB",
"url": "https://github.com/kermitt2/pdf2xml/issues/14"
},
{
"type": "WEB",
"url": "https://github.com/Aurorainfinity/Poc/tree/master/pdf2xml"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-5CRP-HWJ6-6WWW
Vulnerability from github – Published: 2026-03-18 18:31 – Updated: 2026-05-29 21:31In the Linux kernel, the following vulnerability has been resolved:
regmap: maple: free entry on mas_store_gfp() failure
regcache_maple_write() allocates a new block ('entry') to merge adjacent ranges and then stores it with mas_store_gfp(). When mas_store_gfp() fails, the new 'entry' remains allocated and is never freed, leaking memory.
Free 'entry' on the failure path; on success continue freeing the replaced neighbor blocks ('lower', 'upper').
{
"affected": [],
"aliases": [
"CVE-2026-23260"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-18T18:16:24Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nregmap: maple: free entry on mas_store_gfp() failure\n\nregcache_maple_write() allocates a new block (\u0027entry\u0027) to merge\nadjacent ranges and then stores it with mas_store_gfp().\nWhen mas_store_gfp() fails, the new \u0027entry\u0027 remains allocated and\nis never freed, leaking memory.\n\nFree \u0027entry\u0027 on the failure path; on success continue freeing the\nreplaced neighbor blocks (\u0027lower\u0027, \u0027upper\u0027).",
"id": "GHSA-5crp-hwj6-6www",
"modified": "2026-05-29T21:31:16Z",
"published": "2026-03-18T18:31:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23260"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/811b45e2d795d955bb7fd9c816b40036f4fde350"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d61171cf097156030142643942c217759a9cc806"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f08f2d2907675926ac5657b25f86d921f269602a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f3f380ce6b3d5c9805c7e0b3d5bc28d9ec41e2e8"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-5CVC-J2XM-H554
Vulnerability from github – Published: 2022-05-24 17:05 – Updated: 2025-12-03 21:30xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.
{
"affected": [],
"aliases": [
"CVE-2019-19956"
],
"database_specific": {
"cwe_ids": [
"CWE-401",
"CWE-772"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-12-24T16:15:00Z",
"severity": "MODERATE"
},
"details": "xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc-\u003eoldNs.",
"id": "GHSA-5cvc-j2xm-h554",
"modified": "2025-12-03T21:30:58Z",
"published": "2022-05-24T17:05:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19956"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf"
},
{
"type": "WEB",
"url": "https://gitlab.gnome.org/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00032.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20200114-0002"
},
{
"type": "WEB",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-08"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4274-1"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00047.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00005.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-5F6G-Q8F6-3C5X
Vulnerability from github – Published: 2024-02-28 09:30 – Updated: 2024-12-12 18:30In the Linux kernel, the following vulnerability has been resolved:
mt76: mt7915: fix tx skb dma unmap
The first pointer in the txp needs to be unmapped as well, otherwise it will leak DMA mapping entries
{
"affected": [],
"aliases": [
"CVE-2021-47032"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-28T09:15:39Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmt76: mt7915: fix tx skb dma unmap\n\nThe first pointer in the txp needs to be unmapped as well, otherwise it will\nleak DMA mapping entries",
"id": "GHSA-5f6g-q8f6-3c5x",
"modified": "2024-12-12T18:30:49Z",
"published": "2024-02-28T09:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47032"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4a9dcd6efb2a268fc5707dcfb3b0c412975c4462"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4e7914ce23306b28d377ec395e00e5fde0e6f96e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7dcf3c04f0aca746517a77433b33d40868ca4749"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e2cdc9cb33c5963efe1a7c022753386f9463d1b7"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-5FX7-QFG5-MPMC
Vulnerability from github – Published: 2024-02-27 21:31 – Updated: 2025-01-08 18:30In the Linux kernel, the following vulnerability has been resolved:
ovl: fix leaked dentry
Since commit 6815f479ca90 ("ovl: use only uppermetacopy state in ovl_lookup()"), overlayfs doesn't put temporary dentry when there is a metacopy error, which leads to dentry leaks when shutting down the related superblock:
overlayfs: refusing to follow metacopy origin for (/file0) ... BUG: Dentry (_ptrval_){i=3f33,n=file3} still in use (1) [unmount of overlay overlay] ... WARNING: CPU: 1 PID: 432 at umount_check.cold+0x107/0x14d CPU: 1 PID: 432 Comm: unmount-overlay Not tainted 5.12.0-rc5 #1 ... RIP: 0010:umount_check.cold+0x107/0x14d ... Call Trace: d_walk+0x28c/0x950 ? dentry_lru_isolate+0x2b0/0x2b0 ? __kasan_slab_free+0x12/0x20 do_one_tree+0x33/0x60 shrink_dcache_for_umount+0x78/0x1d0 generic_shutdown_super+0x70/0x440 kill_anon_super+0x3e/0x70 deactivate_locked_super+0xc4/0x160 deactivate_super+0xfa/0x140 cleanup_mnt+0x22e/0x370 __cleanup_mnt+0x1a/0x30 task_work_run+0x139/0x210 do_exit+0xb0c/0x2820 ? __kasan_check_read+0x1d/0x30 ? find_held_lock+0x35/0x160 ? lock_release+0x1b6/0x660 ? mm_update_next_owner+0xa20/0xa20 ? reacquire_held_locks+0x3f0/0x3f0 ? __sanitizer_cov_trace_const_cmp4+0x22/0x30 do_group_exit+0x135/0x380 __do_sys_exit_group.isra.0+0x20/0x20 __x64_sys_exit_group+0x3c/0x50 do_syscall_64+0x45/0x70 entry_SYSCALL_64_after_hwframe+0x44/0xae ... VFS: Busy inodes after unmount of overlay. Self-destruct in 5 seconds. Have a nice day...
This fix has been tested with a syzkaller reproducer.
{
"affected": [],
"aliases": [
"CVE-2021-46972"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-27T19:04:07Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: fix leaked dentry\n\nSince commit 6815f479ca90 (\"ovl: use only uppermetacopy state in\novl_lookup()\"), overlayfs doesn\u0027t put temporary dentry when there is a\nmetacopy error, which leads to dentry leaks when shutting down the related\nsuperblock:\n\n overlayfs: refusing to follow metacopy origin for (/file0)\n ...\n BUG: Dentry (____ptrval____){i=3f33,n=file3} still in use (1) [unmount of overlay overlay]\n ...\n WARNING: CPU: 1 PID: 432 at umount_check.cold+0x107/0x14d\n CPU: 1 PID: 432 Comm: unmount-overlay Not tainted 5.12.0-rc5 #1\n ...\n RIP: 0010:umount_check.cold+0x107/0x14d\n ...\n Call Trace:\n d_walk+0x28c/0x950\n ? dentry_lru_isolate+0x2b0/0x2b0\n ? __kasan_slab_free+0x12/0x20\n do_one_tree+0x33/0x60\n shrink_dcache_for_umount+0x78/0x1d0\n generic_shutdown_super+0x70/0x440\n kill_anon_super+0x3e/0x70\n deactivate_locked_super+0xc4/0x160\n deactivate_super+0xfa/0x140\n cleanup_mnt+0x22e/0x370\n __cleanup_mnt+0x1a/0x30\n task_work_run+0x139/0x210\n do_exit+0xb0c/0x2820\n ? __kasan_check_read+0x1d/0x30\n ? find_held_lock+0x35/0x160\n ? lock_release+0x1b6/0x660\n ? mm_update_next_owner+0xa20/0xa20\n ? reacquire_held_locks+0x3f0/0x3f0\n ? __sanitizer_cov_trace_const_cmp4+0x22/0x30\n do_group_exit+0x135/0x380\n __do_sys_exit_group.isra.0+0x20/0x20\n __x64_sys_exit_group+0x3c/0x50\n do_syscall_64+0x45/0x70\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n ...\n VFS: Busy inodes after unmount of overlay. Self-destruct in 5 seconds. Have a nice day...\n\nThis fix has been tested with a syzkaller reproducer.",
"id": "GHSA-5fx7-qfg5-mpmc",
"modified": "2025-01-08T18:30:40Z",
"published": "2024-02-27T21:31:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46972"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/71d58457a8afc650da5d3292a7f7029317654d95"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cf3e3330bc5719fa9d658e3e2f596bde89344a94"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d587cfaef72b1b6f4b2774827123bce91f497cc8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/eaab1d45cdb4bb0c846bd23c3d666d5b90af7b41"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-5G4G-HGMR-MQRX
Vulnerability from github – Published: 2024-05-22 09:31 – Updated: 2024-11-06 18:31In the Linux kernel, the following vulnerability has been resolved:
NFC: digital: fix possible memory leak in digital_tg_listen_mdaa()
'params' is allocated in digital_tg_listen_mdaa(), but not free when digital_send_cmd() failed, which will cause memory leak. Fix it by freeing 'params' if digital_send_cmd() return failed.
{
"affected": [],
"aliases": [
"CVE-2021-47443"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-22T07:15:09Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: digital: fix possible memory leak in digital_tg_listen_mdaa()\n\n\u0027params\u0027 is allocated in digital_tg_listen_mdaa(), but not free when\ndigital_send_cmd() failed, which will cause memory leak. Fix it by\nfreeing \u0027params\u0027 if digital_send_cmd() return failed.",
"id": "GHSA-5g4g-hgmr-mqrx",
"modified": "2024-11-06T18:31:04Z",
"published": "2024-05-22T09:31:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47443"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3f2960b39f22e26cf8addae93c3f5884d1c183c9"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/429054ec51e648d241a7e0b465cf44f6633334c5"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/564249219e5b5673a8416b5181875d828c3f1e8c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/58e7dcc9ca29c14e44267a4d0ea61e3229124907"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7ab488d7228a9dceb2456867f1f0919decf6efed"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9881b0c860649f27ef2565deef011e516390f416"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a67d47e32c91e2b10402cb8c081774cbf08edb2e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b7b023e6ff567e991c31cd425b0e1d16779c938b"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-5G6F-MMX7-RP64
Vulnerability from github – Published: 2024-10-21 21:30 – Updated: 2025-11-04 00:31In the Linux kernel, the following vulnerability has been resolved:
exfat: fix memory leak in exfat_load_bitmap()
If the first directory entry in the root directory is not a bitmap directory entry, 'bh' will not be released and reassigned, which will cause a memory leak.
{
"affected": [],
"aliases": [
"CVE-2024-50013"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-21T19:15:04Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: fix memory leak in exfat_load_bitmap()\n\nIf the first directory entry in the root directory is not a bitmap\ndirectory entry, \u0027bh\u0027 will not be released and reassigned, which\nwill cause a memory leak.",
"id": "GHSA-5g6f-mmx7-rp64",
"modified": "2025-11-04T00:31:45Z",
"published": "2024-10-21T21:30:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50013"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4e1813e52f86eb8db0c6c9570251f2fcbc571f5d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/89081e8407e637463db5880d168e3652fb9f4330"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/bf0b3b35259475d1fe377bcaa565488e26684f7a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d2b537b3e533f28e0d97293fe9293161fe8cd137"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/dca359db1eb37f334267ebd7e3cab9a66d191d5b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ddf704c2ce3b73f38d2dd8cf1bb0f7ec038bdf63"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f692160d3e1e5450605071b8df8f7d08d9b09a83"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-5G8H-G27F-MH64
Vulnerability from github – Published: 2025-07-25 15:30 – Updated: 2025-11-19 18:31In the Linux kernel, the following vulnerability has been resolved:
nvmet: fix memory leak of bio integrity
If nvmet receives commands with metadata there is a continuous memory leak of kmalloc-128 slab or more precisely bio->bi_integrity.
Since commit bf4c89fc8797 ("block: don't call bio_uninit from bio_endio") each user of bio_init has to use bio_uninit as well. Otherwise the bio integrity is not getting free. Nvmet uses bio_init for inline bios.
Uninit the inline bio to complete deallocation of integrity in bio.
{
"affected": [],
"aliases": [
"CVE-2025-38405"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-25T14:15:32Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: fix memory leak of bio integrity\n\nIf nvmet receives commands with metadata there is a continuous memory\nleak of kmalloc-128 slab or more precisely bio-\u003ebi_integrity.\n\nSince commit bf4c89fc8797 (\"block: don\u0027t call bio_uninit from bio_endio\")\neach user of bio_init has to use bio_uninit as well. Otherwise the bio\nintegrity is not getting free. Nvmet uses bio_init for inline bios.\n\nUninit the inline bio to complete deallocation of integrity in bio.",
"id": "GHSA-5g8h-g27f-mh64",
"modified": "2025-11-19T18:31:16Z",
"published": "2025-07-25T15:30:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38405"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/190f4c2c863af7cc5bb354b70e0805f06419c038"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2e2028fcf924d1c6df017033c8d6e28b735a0508"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/431e58d56fcb5ff1f9eb630724a922e0d2a941df"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-5GVG-FGGQ-R6F6
Vulnerability from github – Published: 2024-07-11 18:31 – Updated: 2025-04-11 15:32A Missing Release of Memory after Effective Lifetime vulnerability in Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS).
In a subscriber management scenario continuous subscriber logins will trigger a memory leak and eventually lead to an FPC crash and restart.
This issue affects Junos OS on MX Series:
- All version before 21.2R3-S6,
- 21.4 versions before 21.4R3-S6,
- 22.1 versions before 22.1R3-S5,
- 22.2 versions before 22.2R3-S3,
- 22.3 versions before 22.3R3-S2,
- 22.4 versions before 22.4R3,
- 23.2 versions before 23.2R2.
{
"affected": [],
"aliases": [
"CVE-2024-39539"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-11T17:15:12Z",
"severity": "MODERATE"
},
"details": "A Missing Release of Memory after Effective Lifetime vulnerability in Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a\u00a0Denial-of-Service (DoS).\n\nIn a subscriber management scenario continuous subscriber logins will trigger a memory leak and eventually lead to an FPC crash and restart.\n\nThis issue affects Junos OS on MX Series:\n\n\n\n * All version before 21.2R3-S6,\n * 21.4 versions before 21.4R3-S6,\n * 22.1 versions before 22.1R3-S5,\n * 22.2 versions before 22.2R3-S3,\u00a0\n * 22.3 versions before 22.3R3-S2,\n * 22.4 versions before 22.4R3,\n * 23.2 versions before 23.2R2.",
"id": "GHSA-5gvg-fggq-r6f6",
"modified": "2025-04-11T15:32:22Z",
"published": "2024-07-11T18:31:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39539"
},
{
"type": "WEB",
"url": "https://supportportal.juniper.net/JSA82999"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
Mitigation MIT-41
Strategy: Libraries or Frameworks
- Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
- For example, glibc in Linux provides protection against free of invalid pointers.
- When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
- To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Use an abstraction library to abstract away risky APIs. Not a complete solution.
Mitigation
Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.
No CAPEC attack patterns related to this CWE.