Home

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible UAF in snic_tgt_create() Smatch reports a warning as follows: drivers/scsi/snic/snic_disc.c:307 snic_tgt_create() warn: '&tgt->list' not removed from list If device_add() fails in snic_tgt_create(), tgt will be freed, but tgt->list will not be removed from snic->disc.tgt_list, then list traversal may cause UAF. Remove from snic->disc.tgt_list before free().

PUBLISHED Reserved 2025-12-30 | Published 2025-12-30 | Updated 2025-12-30 | Assigner Linux

Product status

Default status
unaffected

c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa (git) before f9d8b8ba0f1a16cde0b1fc9e80466df76b6db8ff
affected

c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa (git) before 3772319e40527e6a5f2ec1d729e01f271d818f5c
affected

c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa (git) before 3007f96ca20c848d0b1b052df6d2cb5ae5586e78
affected

c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa (git) before 6866154c23fba40888ad6d554cccd4bf2edb755e
affected

c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa (git) before ad27f74e901fc48729733c88818e6b96c813057d
affected

c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa (git) before 1895e908b3ae66a5312fd1b2cdda2da82993dca7
affected

c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa (git) before c7f0f8dab1ae5def57c1a8a9cafd6fabe1dc27cc
affected

c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa (git) before 4141cd9e8b3379aea52a85d2c35f6eaf26d14e86
affected

c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa (git) before e118df492320176af94deec000ae034cc92be754
affected

Default status
affected

4.2
affected

Any version before 4.2
unaffected

4.9.337 (semver)
unaffected

4.14.303 (semver)
unaffected

4.19.270 (semver)
unaffected

5.4.229 (semver)
unaffected

5.10.163 (semver)
unaffected

5.15.86 (semver)
unaffected

6.0.16 (semver)
unaffected

6.1.2 (semver)
unaffected

6.2 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/f9d8b8ba0f1a16cde0b1fc9e80466df76b6db8ff

git.kernel.org/...c/3772319e40527e6a5f2ec1d729e01f271d818f5c

git.kernel.org/...c/3007f96ca20c848d0b1b052df6d2cb5ae5586e78

git.kernel.org/...c/6866154c23fba40888ad6d554cccd4bf2edb755e

git.kernel.org/...c/ad27f74e901fc48729733c88818e6b96c813057d

git.kernel.org/...c/1895e908b3ae66a5312fd1b2cdda2da82993dca7

git.kernel.org/...c/c7f0f8dab1ae5def57c1a8a9cafd6fabe1dc27cc

git.kernel.org/...c/4141cd9e8b3379aea52a85d2c35f6eaf26d14e86

git.kernel.org/...c/e118df492320176af94deec000ae034cc92be754

cve.org (CVE-2022-50840)

nvd.nist.gov (CVE-2022-50840)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.