CVE-2022-50027

Summary

In the Linux kernel, the following vulnerability has been resolved:

scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE

There is no corresponding free routine if lpfc_sli4_issue_wqe fails to issue the CMF WQE in lpfc_issue_cmf_sync_wqe.

If ret_val is non-zero, then free the iocbq request structure.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxdaebf93fc3a5d12b3bc928aebb168c68e754dda2 < 9c8e2e607270a368834a0ef72aa82d970f89c596affected
LinuxLinuxdaebf93fc3a5d12b3bc928aebb168c68e754dda2 < 4eb7a1beff03836d3df271cd23b790884e3facb9affected
LinuxLinuxdaebf93fc3a5d12b3bc928aebb168c68e754dda2 < 2f67dc7970bce3529edce93a0a14234d88b3fcd5affected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux5.15.63 <= 5.15.*unaffected
LinuxLinux5.19.4 <= 5.19.*unaffected
LinuxLinux6.0 <= *unaffected

Weaknesses

References