CVE-2022-50840

EUVD-2022-55858

30.12.2025, 13:15

In the Linux kernel, the following vulnerability has been resolved:

scsi: snic: Fix possible UAF in snic_tgt_create()

Smatch reports a warning as follows:

drivers/scsi/snic/snic_disc.c:307 snic_tgt_create() warn:
  '&tgt->list' not removed from list

If device_add() fails in snic_tgt_create(), tgt will be freed, but
tgt->list will not be removed from snic->disc.tgt_list, then list traversal
may cause UAF.

Remove from snic->disc.tgt_list before free().

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	UNKNOWN				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 19%

Debian Releases

Debian Product

Codename

linux

bookworm	6.1.148-1 fixed
bookworm (security)	6.1.158-1 fixed
bullseye	5.10.223-1 fixed
bullseye (security)	5.10.247-1 fixed
forky	6.17.13-1 fixed
sid	6.17.13-1 fixed
trixie	6.12.57-1 fixed
trixie (security)	6.12.48-1 fixed

openSUSE / SLES Releases

openSUSE Product

Release

cluster-md-kmp-default

suse enterprise server 12 SP5	4.12.14-122.290.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed

dlm-kmp-default

suse enterprise server 12 SP5	4.12.14-122.290.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed

gfs2-kmp-default

suse enterprise server 12 SP5	4.12.14-122.290.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed

kernel-64kb

suse enterprise server 15 SP4	5.14.21-150400.24.194.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed

kernel-default

suse enterprise server 12 SP5	4.12.14-122.290.1 fixed
suse enterprise server 15 SP4	5.14.21-150400.24.194.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed

kernel-default-base

suse enterprise server 12 SP5	4.12.14-122.290.1 fixed
suse enterprise server 15 SP4	5.14.21-150400.24.194.1.150400.24.98.3 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.133.1.150500.6.65.1 fixed

kernel-default-man

suse enterprise server 12 SP5

4.12.14-122.290.1

fixed

kernel-docs

suse enterprise server 15 SP4	5.14.21-150400.24.194.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed

kernel-macros

suse enterprise server 12 SP5	4.12.14-122.290.1 fixed
suse enterprise server 15 SP4	5.14.21-150400.24.194.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed

kernel-obs-build

suse enterprise server 15 SP4	5.14.21-150400.24.194.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed

kernel-source

suse enterprise server 12 SP5	4.12.14-122.290.1 fixed
suse enterprise server 15 SP4	5.14.21-150400.24.194.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed

kernel-syms

suse enterprise server 12 SP5	4.12.14-122.290.1 fixed
suse enterprise server 15 SP4	5.14.21-150400.24.194.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed

kernel-zfcpdump

suse enterprise server 15 SP4	5.14.21-150400.24.194.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed

ocfs2-kmp-default

suse enterprise server 12 SP5	4.12.14-122.290.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed

reiserfs-kmp-default

suse enterprise server 15 SP4	5.14.21-150400.24.194.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed

References

https://git.kernel.org/stable/c/1895e908b3ae66a5312fd1b2cdda2da82993dca7

https://git.kernel.org/stable/c/3007f96ca20c848d0b1b052df6d2cb5ae5586e78

https://git.kernel.org/stable/c/3772319e40527e6a5f2ec1d729e01f271d818f5c

https://git.kernel.org/stable/c/4141cd9e8b3379aea52a85d2c35f6eaf26d14e86

https://git.kernel.org/stable/c/6866154c23fba40888ad6d554cccd4bf2edb755e

https://git.kernel.org/stable/c/ad27f74e901fc48729733c88818e6b96c813057d

https://git.kernel.org/stable/c/c7f0f8dab1ae5def57c1a8a9cafd6fabe1dc27cc

https://git.kernel.org/stable/c/e118df492320176af94deec000ae034cc92be754

https://git.kernel.org/stable/c/f9d8b8ba0f1a16cde0b1fc9e80466df76b6db8ff