CVE-2022-50727

Summary

In the Linux kernel, the following vulnerability has been resolved:

scsi: efct: Fix possible memleak in efct_device_init()

In efct_device_init(), when efct_scsi_reg_fc_transport() fails, efct_scsi_tgt_driver_exit() is not called to release memory for efct_scsi_tgt_driver_init() and causes memleak:

unreferenced object 0xffff8881020ce000 (size 2048): comm "modprobe", pid 465, jiffies 4294928222 (age 55.872s) backtrace: [<0000000021a1ef1b>] kmalloc_trace+0x27/0x110 [<000000004c3ed51c>] target_register_template+0x4fd/0x7b0 [target_core_mod] [<00000000f3393296>] efct_scsi_tgt_driver_init+0x18/0x50 [efct] [<00000000115de533>] 0xffffffffc0d90011 [<00000000d608f646>] do_one_initcall+0xd0/0x4e0 [<0000000067828cf1>] do_init_module+0x1cc/0x6a0 …

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4df84e8466242de835416a4ec0c856c0e2ed26eb < 038359eeccffaf0de4c1c9c51ee19cc5649619a1affected
LinuxLinux4df84e8466242de835416a4ec0c856c0e2ed26eb < 0c6e6bb30229b1297ac0fd7ede2941d2322fc736affected
LinuxLinux4df84e8466242de835416a4ec0c856c0e2ed26eb < c7e96168a8ca3be96c4959475164bef31115f07eaffected
LinuxLinux4df84e8466242de835416a4ec0c856c0e2ed26eb < bb0cd225dd37df1f4a22e36dad59ff33178ecdfcaffected
LinuxLinux5.14affected
LinuxLinux0 < 5.14unaffected
LinuxLinux5.15.86 <= 5.15.*unaffected
LinuxLinux6.0.16 <= 6.0.*unaffected
LinuxLinux6.1.2 <= 6.1.*unaffected
LinuxLinux6.2 <= *unaffected

Weaknesses

References