5.5
CVE-2026-43192
- EPSS 0.11%
- Veröffentlicht 06.05.2026 11:28:01
- Zuletzt bearbeitet 11.05.2026 20:36:39
- CVE-Watchlists
- Unerledigt
dm mpath: Add missing dm_put_device when failing to get scsi dh name
In the Linux kernel, the following vulnerability has been resolved:
dm mpath: Add missing dm_put_device when failing to get scsi dh name
When commit fd81bc5cca8f ("scsi: device_handler: Return error pointer in
scsi_dh_attached_handler_name()") added code to fail parsing the path if
scsi_dh_attached_handler_name() failed with -ENOMEM, it didn't clean up
the reference to the path device that had just been taken. Fix this, and
steamline the error paths of parse_path() a little.Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.19 < 6.19.6
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.016 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
https://git.kernel.org/stable/c/4aa5c37b7d8019f7296111c1add00e7214baae60
https://git.kernel.org/stable/c/787bd63ee661b0148ce8e1fde92b7afddd85c446