-

CVE-2022-50840

EPSS 0.05%
Veröffentlicht 30.12.2025 12:10:59
Zuletzt bearbeitet 31.12.2025 20:43:05
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

scsi: snic: Fix possible UAF in snic_tgt_create()

Smatch reports a warning as follows:

drivers/scsi/snic/snic_disc.c:307 snic_tgt_create() warn:
  '&tgt->list' not removed from list

If device_add() fails in snic_tgt_create(), tgt will be freed, but
tgt->list will not be removed from snic->disc.tgt_list, then list traversal
may cause UAF.

Remove from snic->disc.tgt_list before free().

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 12

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < f9d8b8ba0f1a16cde0b1fc9e80466df76b6db8ff

Version c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa

Status affected

Version < 3772319e40527e6a5f2ec1d729e01f271d818f5c

Version c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa

Status affected

Version < 3007f96ca20c848d0b1b052df6d2cb5ae5586e78

Version c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa

Status affected

Version < 6866154c23fba40888ad6d554cccd4bf2edb755e

Version c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa

Status affected

Version < ad27f74e901fc48729733c88818e6b96c813057d

Version c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa

Status affected

Version < 1895e908b3ae66a5312fd1b2cdda2da82993dca7

Version c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa

Status affected

Version < c7f0f8dab1ae5def57c1a8a9cafd6fabe1dc27cc

Version c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa

Status affected

Version < 4141cd9e8b3379aea52a85d2c35f6eaf26d14e86

Version c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa

Status affected

Version < e118df492320176af94deec000ae034cc92be754

Version c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.2

Status affected

Version < 4.2

Version 0

Status unaffected

Version <= 4.9.*

Version 4.9.337

Status unaffected

Version <= 4.14.*

Version 4.14.303

Status unaffected

Version <= 4.19.*

Version 4.19.270

Status unaffected

Version <= 5.4.*

Version 5.4.229

Status unaffected

Version <= 5.10.*

Version 5.10.163

Status unaffected

Version <= 5.15.*

Version 5.15.86

Status unaffected

Version <= 6.0.*

Version 6.0.16

Status unaffected

Version <= 6.1.*

Version 6.1.2

Status unaffected

Version <= *

Version 6.2

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.145

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/f9d8b8ba0f1a16cde0b1fc9e80466df76b6db8ff

https://git.kernel.org/stable/c/3772319e40527e6a5f2ec1d729e01f271d818f5c

https://git.kernel.org/stable/c/3007f96ca20c848d0b1b052df6d2cb5ae5586e78

https://git.kernel.org/stable/c/6866154c23fba40888ad6d554cccd4bf2edb755e

https://git.kernel.org/stable/c/ad27f74e901fc48729733c88818e6b96c813057d

https://git.kernel.org/stable/c/1895e908b3ae66a5312fd1b2cdda2da82993dca7

https://git.kernel.org/stable/c/c7f0f8dab1ae5def57c1a8a9cafd6fabe1dc27cc

https://git.kernel.org/stable/c/4141cd9e8b3379aea52a85d2c35f6eaf26d14e86

https://git.kernel.org/stable/c/e118df492320176af94deec000ae034cc92be754

https://nvd.nist.gov/vuln/detail/CVE-2022-50840

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50840

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50840

EUVD