Total
1555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-47231 | 1 Linux | 1 Linux Kernel | 2025-04-04 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
can: mcba_usb: fix memory leak in mcba_usb
Syzbot reported memory leak in SocketCAN driver for Microchip CAN BUS
Analyzer Tool. The problem was in unfreed usb_coherent.
In mcba_usb_start() 20 coherent buffers are allocated and there is
nothing, that frees them:
1) In callback function the urb is resubmitted and that's all
2) In disconnect function urbs are simply killed, but URB_FREE_BUFFER
is not set (see mcba_usb_start) ...
Show More |
|||||
| CVE-2023-23145 | 1 Gpac | 1 Gpac | 2025-04-03 | N/A | 7.8 HIGH |
|
GPAC version 2.2-rev0-gab012bbfb-master was discovered to contain a memory leak in lsr_read_rare_full function.
|
|||||
| CVE-2005-3181 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2025-04-03 | 2.1 LOW | N/A |
|
The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows attackers to cause a denial of service (memory consumption).
|
|||||
| CVE-2004-0427 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
|
The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows local users to cause a denial of service (memory exhaustion) via the clone (CLONE_VM) system call.
|
|||||
| CVE-2001-0543 | 1 Microsoft | 3 Exchange Server, Windows 2000, Windows Nt | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed posts.
|
|||||
| CVE-2001-0136 | 4 Conectiva, Debian, Mandrakesoft and 1 more | 4 Linux, Debian Linux, Mandrake Linux and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.
|
|||||
| CVE-2005-3119 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
|
Memory leak in the request_key_auth_destroy function in request_key_auth in Linux kernel 2.6.10 up to 2.6.13 allows local users to cause a denial of service (memory consumption) via a large number of authorization token keys.
|
|||||
| CVE-2004-0222 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Multiple memory leaks in isakmpd in OpenBSD 3.4 and earlier allow remote attackers to cause a denial of service (memory exhaustion) via certain ISAKMP packets, as demonstrated by the Striker ISAKMP Protocol Test Suite.
|
|||||
| CVE-2002-0574 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Memory leak in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (memory exhaustion) via ICMP echo packets that trigger a bug in ip_output() in which the reference count for a routing table entry is not decremented, which prevents the entry from being removed.
|
|||||
| CVE-2021-47443 | 1 Linux | 1 Linux Kernel | 2025-04-02 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
NFC: digital: fix possible memory leak in digital_tg_listen_mdaa()
'params' is allocated in digital_tg_listen_mdaa(), but not free when
digital_send_cmd() failed, which will cause memory leak. Fix it by
freeing 'params' if digital_send_cmd() return failed.
|
|||||
| CVE-2023-52746 | 1 Linux | 1 Linux Kernel | 2025-04-02 | N/A | 2.5 LOW |
|
In the Linux kernel, the following vulnerability has been resolved:
xfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr()
int type = nla_type(nla);
if (type > XFRMA_MAX) {
return -EOPNOTSUPP;
}
@type is then used as an array index and can be used
as a Spectre v1 gadget.
if (nla_len(nla) < compat_policy[type].len) {
array_index_nospec() can be used to prevent leaking
content of kernel memory to malicious users.
|
|||||
| CVE-2024-26831 | 1 Linux | 1 Linux Kernel | 2025-04-02 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
net/handshake: Fix handshake_req_destroy_test1
Recently, handshake_req_destroy_test1 started failing:
Expected handshake_req_destroy_test == req, but
handshake_req_destroy_test == 0000000000000000
req == 0000000060f99b40
not ok 11 req_destroy works
This is because "sock_release(sock)" was replaced with "fput(filp)"
to address a memory leak. Note that sock_release() is synchronous
but fput() usually delays the final c ...
Show More |
|||||
| CVE-2024-6875 | 2025-04-01 | N/A | 6.5 MEDIUM | ||
|
A vulnerability was found in the Infinispan component in Red Hat Data Grid. The REST compare API may have a buffer leak and an out of memory error can occur when sending continual requests with large POST data to the REST API.
|
|||||
| CVE-2024-38388 | 1 Linux | 1 Linux Kernel | 2025-04-01 | N/A | 3.3 LOW |
|
In the Linux kernel, the following vulnerability has been resolved:
ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup
Use the control private_free callback to free the associated data
block. This ensures that the memory won't leak, whatever way the
control gets destroyed.
The original implementation didn't actually remove the ALSA
controls in hda_cs_dsp_control_remove(). It only freed the internal
tracking structure. This meant it was possible to remove/unload the
amp driver while le ...
Show More |
|||||
| CVE-2025-29483 | 1 Libming | 1 Libming | 2025-04-01 | N/A | 6.5 MEDIUM |
|
libming v0.4.8 was discovered to contain a memory leak via the parseSWF_ENABLEDEBUGGER2 function.
|
|||||
| CVE-2022-45920 | 1 Softing | 1 Uatoolkit Embedded | 2025-04-01 | N/A | 7.5 HIGH |
|
In Softing uaToolkit Embedded before 1.41, a malformed CreateMonitoredItems request may cause a memory leak.
|
|||||
| CVE-2024-3860 | 1 Mozilla | 1 Firefox | 2025-03-31 | N/A | 6.2 MEDIUM |
|
An out-of-memory condition during object initialization could result in an empty shape list. If the JIT subsequently traced the object it would crash. This vulnerability affects Firefox < 125.
|
|||||
| CVE-2022-4139 | 1 Linux | 1 Linux Kernel | 2025-03-28 | N/A | 7.8 HIGH |
|
An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.
|
|||||
| CVE-2024-24150 | 1 Libming | 1 Libming | 2025-03-27 | N/A | 6.5 MEDIUM |
|
A memory leak issue discovered in parseSWF_TEXTRECORD in libming v0.4.8 allows attackers to cause a denial of service via a crafted SWF file.
|
|||||
| CVE-2021-47214 | 1 Linux | 1 Linux Kernel | 2025-03-27 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
hugetlb, userfaultfd: fix reservation restore on userfaultfd error
Currently in the is_continue case in hugetlb_mcopy_atomic_pte(), if we
bail out using "goto out_release_unlock;" in the cases where idx >=
size, or !huge_pte_none(), the code will detect that new_pagecache_page
== false, and so call restore_reserve_on_error(). In this case I see
restore_reserve_on_error() delete the reservation, and the following
call to remov ...
Show More |
|||||
| CVE-2024-24146 | 1 Libming | 1 Libming | 2025-03-27 | N/A | 6.5 MEDIUM |
|
A memory leak issue discovered in parseSWF_DEFINEBUTTON in libming v0.4.8 allows attackers to cause s denial of service via a crafted SWF file.
|
|||||
| CVE-2024-26462 | 2 Mit, Netapp | 11 Kerberos 5, Active Iq Unified Manager, Cloud Volumes Ontap Mediator and 8 more | 2025-03-25 | N/A | 5.5 MEDIUM |
|
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c.
|
|||||
| CVE-2023-0615 | 1 Linux | 1 Linux Kernel | 2025-03-25 | N/A | 5.5 MEDIUM |
|
A memory leak flaw and potential divide by zero and Integer overflow was found in the Linux kernel V4L2 and vivid test code functionality. This issue occurs when a user triggers ioctls, such as VIDIOC_S_DV_TIMINGS ioctl. This could allow a local user to crash the system if vivid test code enabled.
|
|||||
| CVE-2022-48764 | 1 Linux | 1 Linux Kernel | 2025-03-24 | N/A | 5.3 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
KVM: x86: Free kvm_cpuid_entry2 array on post-KVM_RUN KVM_SET_CPUID{,2}
Free the "struct kvm_cpuid_entry2" array on successful post-KVM_RUN
KVM_SET_CPUID{,2} to fix a memory leak, the callers of kvm_set_cpuid()
free the array only on failure.
BUG: memory leak
unreferenced object 0xffff88810963a800 (size 2048):
comm "syz-executor025", pid 3610, jiffies 4294944928 (age 8.080s)
hex dump (first 32 bytes):
00 00 00 00 00 ...
Show More |
|||||
| CVE-2024-39490 | 1 Linux | 1 Linux Kernel | 2025-03-24 | N/A | 6.2 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
ipv6: sr: fix missing sk_buff release in seg6_input_core
The seg6_input() function is responsible for adding the SRH into a
packet, delegating the operation to the seg6_input_core(). This function
uses the skb_cow_head() to ensure that there is sufficient headroom in
the sk_buff for accommodating the link-layer header.
In the event that the skb_cow_header() function fails, the
seg6_input_core() catches the error but it does no ...
Show More |
|||||
| CVE-2022-48650 | 1 Linux | 1 Linux Kernel | 2025-03-20 | N/A | 4.7 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
scsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts()
Commit 8f394da36a36 ("scsi: qla2xxx: Drop TARGET_SCF_LOOKUP_LUN_FROM_TAG")
made the __qlt_24xx_handle_abts() function return early if
tcm_qla2xxx_find_cmd_by_tag() didn't find a command, but it missed to clean
up the allocated memory for the management command.
|
|||||
| CVE-2023-1074 | 1 Linux | 1 Linux Kernel | 2025-03-19 | N/A | 5.5 MEDIUM |
|
A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service.
|
|||||
| CVE-2021-47075 | 1 Linux | 1 Linux Kernel | 2025-03-19 | N/A | 5.3 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
nvmet: fix memory leak in nvmet_alloc_ctrl()
When creating ctrl in nvmet_alloc_ctrl(), if the cntlid_min is larger
than cntlid_max of the subsystem, and jumps to the
"out_free_changed_ns_list" label, but the ctrl->sqs lack of be freed.
Fix this by jumping to the "out_free_sqs" label.
|
|||||
| CVE-2021-47031 | 1 Linux | 1 Linux Kernel | 2025-03-19 | N/A | 4.3 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
mt76: mt7921: fix memory leak in mt7921_coredump_work
Fix possible memory leak in mt7921_coredump_work.
|
|||||
| CVE-2021-47177 | 1 Linux | 1 Linux Kernel | 2025-03-17 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
iommu/vt-d: Fix sysfs leak in alloc_iommu()
iommu_device_sysfs_add() is called before, so is has to be cleaned on subsequent
errors.
|
|||||
| CVE-2023-0597 | 1 Linux | 1 Linux Kernel | 2025-03-12 | N/A | 5.5 MEDIUM |
|
A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location of exception stack(s) or other important data. A local user could use this flaw to get access to some important data with expected location in memory.
|
|||||
| CVE-2023-23205 | 1 Mz-automation | 1 Lib60870 | 2025-03-12 | N/A | 5.5 MEDIUM |
|
An issue was discovered in lib60870 v2.3.2. There is a memory leak in lib60870/lib60870-C/examples/multi_client_server/multi_client_server.c.
|
|||||
| CVE-2025-1150 | 1 Gnu | 1 Binutils | 2025-03-11 | 2.6 LOW | 3.1 LOW |
|
A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. This vulnerability affects the function bfd_malloc of the file libbfd.c of the component ld. The manipulation leads to memory leak. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not goin ...
Show More |
|||||
| CVE-2023-52610 | 1 Linux | 1 Linux Kernel | 2025-03-10 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
net/sched: act_ct: fix skb leak and crash on ooo frags
act_ct adds skb->users before defragmentation. If frags arrive in order,
the last frag's reference is reset in:
inet_frag_reasm_prepare
skb_morph
which is not straightforward.
However when frags arrive out of order, nobody unref the last frag, and
all frags are leaked. The situation is even worse, as initiating packet
capture can lead to a crash[0] when skb has be ...
Show More |
|||||
| CVE-2019-20171 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2025-03-07 | 4.3 MEDIUM | 5.5 MEDIUM |
|
An issue was discovered in GPAC version 0.5.2 and 0.9.0-development-20191109. There are memory leaks in metx_New in isomedia/box_code_base.c and abst_Read in isomedia/box_code_adobe.c.
|
|||||
| CVE-2019-19049 | 2 Linux, Opensuse | 2 Linux Kernel, Leap | 2025-03-07 | 7.8 HIGH | 7.5 HIGH |
|
A memory leak in the unittest_data_add() function in drivers/of/unittest.c in the Linux kernel before 5.3.10 allows attackers to cause a denial of service (memory consumption) by triggering of_fdt_unflatten_tree() failures, aka CID-e13de8fe0d6a. NOTE: third parties dispute the relevance of this because unittest.c can only be reached during boot
|
|||||
| CVE-2024-35882 | 1 Linux | 1 Linux Kernel | 2025-03-05 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
SUNRPC: Fix a slow server-side memory leak with RPC-over-TCP
Jan Schunk reports that his small NFS servers suffer from memory
exhaustion after just a few days. A bisect shows that commit
e18e157bb5c8 ("SUNRPC: Send RPC message on TCP with a single
sock_sendmsg() call") is the first bad commit.
That commit assumed that sock_sendmsg() releases all the pages in
the underlying bio_vec array, but the reality is that it doesn't.
sv ...
Show More |
|||||
| CVE-2024-9135 | 2025-03-04 | N/A | 5.3 MEDIUM | ||
|
On affected platforms running Arista EOS with BGP Link State configured, BGP peer flap can cause the BGP agent to leak memory. This may result in BGP routing processing being terminated and route flapping.
|
|||||
| CVE-2025-20011 | 2025-03-04 | N/A | 3.3 LOW | ||
|
in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory.
|
|||||
| CVE-2025-1816 | 2025-03-03 | 5.0 MEDIUM | 4.3 MEDIUM | ||
|
A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. This affects the function audio_element_obu of the file libavformat/iamf_parse.c of the component IAMF File Handler. The manipulation of the argument num_parameters leads to memory leak. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 0526535cd58444dd264e810b2f3348b4d96cff3b. It is recommend ...
Show More |
|||||