5.5
CVE-2022-50027
- EPSS 0.16%
- Veröffentlicht 18.06.2025 11:01:30
- Zuletzt bearbeitet 13.11.2025 19:29:41
- CVE-Watchlists
- Unerledigt
scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE There is no corresponding free routine if lpfc_sli4_issue_wqe fails to issue the CMF WQE in lpfc_issue_cmf_sync_wqe. If ret_val is non-zero, then free the iocbq request structure.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.15 < 5.15.63
Linux ≫ Linux Kernel Version >= 5.16 < 5.19.4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.053 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/9c8e2e607270a368834a0ef72aa82d970f89c596
https://git.kernel.org/stable/c/4eb7a1beff03836d3df271cd23b790884e3facb9
https://git.kernel.org/stable/c/2f67dc7970bce3529edce93a0a14234d88b3fcd5