5.5
CVE-2022-49521
- EPSS 0.25%
- Veröffentlicht 26.02.2025 07:01:28
- Zuletzt bearbeitet 21.10.2025 12:07:04
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp()
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp() If no handler is found in lpfc_complete_unsol_iocb() to match the rctl of a received frame, the frame is dropped and resources are leaked. Fix by returning resources when discarding an unhandled frame type. Update lpfc_fc_frame_check() handling of NOP basic link service.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 5.10.121
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.46
Linux ≫ Linux Kernel Version >= 5.16 < 5.17.14
Linux ≫ Linux Kernel Version >= 5.18 < 5.18.3
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.25% | 0.165 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/08709769ff2fb6c5ffedcda3742700d8ea1618a8
https://git.kernel.org/stable/c/40cf4ea4d2d497f7732c87d350ba5c3f5e8a43a1
https://git.kernel.org/stable/c/646db1a560f44236b7278b822ca99a1d3b6ea72c
https://git.kernel.org/stable/c/7860d8f8082605b57596aa82d3d438c1fdad9a9e
https://git.kernel.org/stable/c/fa1b509d41c5433672f72c0615cf4aefa0611c99