CVE-2022-50827

EUVD-2022-55871
In the Linux kernel, the following vulnerability has been resolved:

scsi: lpfc: Fix memory leak in lpfc_create_port()

Commit 5e633302ace1 ("scsi: lpfc: vmid: Add support for VMID in mailbox
command") introduced allocations for the VMID resources in
lpfc_create_port() after the call to scsi_host_alloc(). Upon failure on the
VMID allocations, the new code would branch to the 'out' label, which
returns NULL without unwinding anything, thus skipping the call to
scsi_host_put().

Fix the problem by creating a separate label 'out_free_vmid' to unwind the
VMID resources and make the 'out_put_shost' label call only
scsi_host_put(), as was done before the introduction of allocations for
VMID.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 9%
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.148-1
fixed
bookworm (security)
6.1.158-1
fixed
bullseye
5.10.223-1
not-affected
bullseye (security)
5.10.247-1
fixed
forky
6.17.13-1
fixed
sid
6.17.13-1
fixed
trixie
6.12.57-1
fixed
trixie (security)
6.12.48-1
fixed
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
cluster-md-kmp-default
suse enterprise server 15 SP5
5.14.21-150500.55.133.1
fixed
dlm-kmp-default
suse enterprise server 15 SP5
5.14.21-150500.55.133.1
fixed
gfs2-kmp-default
suse enterprise server 15 SP5
5.14.21-150500.55.133.1
fixed
kernel-64kb
suse enterprise server 15 SP4
5.14.21-150400.24.194.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.133.1
fixed
kernel-default
suse enterprise server 15 SP4
5.14.21-150400.24.194.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.133.1
fixed
kernel-default-base
suse enterprise server 15 SP4
5.14.21-150400.24.194.1.150400.24.98.3
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.133.1.150500.6.65.1
fixed
kernel-docs
suse enterprise server 15 SP4
5.14.21-150400.24.194.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.133.1
fixed
kernel-macros
suse enterprise server 15 SP4
5.14.21-150400.24.194.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.133.1
fixed
kernel-obs-build
suse enterprise server 15 SP4
5.14.21-150400.24.194.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.133.1
fixed
kernel-source
suse enterprise server 15 SP4
5.14.21-150400.24.194.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.133.1
fixed
kernel-syms
suse enterprise server 15 SP4
5.14.21-150400.24.194.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.133.1
fixed
kernel-zfcpdump
suse enterprise server 15 SP4
5.14.21-150400.24.194.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.133.1
fixed
ocfs2-kmp-default
suse enterprise server 15 SP5
5.14.21-150500.55.133.1
fixed
reiserfs-kmp-default
suse enterprise server 15 SP4
5.14.21-150400.24.194.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.133.1
fixed
References
https://git.kernel.org/stable/c/5ea1f195f51c2bb5915ccfb2b2885ca81ce9262b
https://git.kernel.org/stable/c/9749595feb33a1a2b848800192224ffeed5346b4
https://git.kernel.org/stable/c/dc8e483f684a24cc06e1d5fa958b54db58855093