Description
In the Linux kernel, the following vulnerability has been resolved: scsi: sd: fix missing put_disk() when device_add(&disk_dev) fails If device_add(&sdkp->disk_dev) fails, put_device() runs scsi_disk_release(), which frees the scsi_disk but leaves the gendisk referenced. The device_add_disk() error path in sd_probe() calls put_disk(gd); call put_disk(gd) here to mirror that cleanup.
Product status
265dfe8ebbabae7959060bd1c3f75c2473b697ed (git) before 2c2c14b7dfccad8c5a28802849e40c21252e4c28
265dfe8ebbabae7959060bd1c3f75c2473b697ed (git) before 262152ec37101f9dc524743ccdbd6c7641d14573
265dfe8ebbabae7959060bd1c3f75c2473b697ed (git) before b64b4f499801b12d0e2785447e4df6c164c608a9
265dfe8ebbabae7959060bd1c3f75c2473b697ed (git) before 13e550fbfccdb311e76ec96892dfe35f0dba0657
265dfe8ebbabae7959060bd1c3f75c2473b697ed (git) before a95d38c5701431bfc826e7b18acc0785919d5c88
265dfe8ebbabae7959060bd1c3f75c2473b697ed (git) before 1e111c4b3a726df1254670a5cc4868cedb946d37
d56459d361a9a99bead8b594635353053271356c (git)
a3e5a9208466b63f27a2509a691023b446ea5105 (git)
4e8e6427319de323f613caa8fd37120df83138d0 (git)
eadb60bcc2005247d97dcb3becee57aba4024ff4 (git)
350d048cc506368a316f0bc4082426b24a2a9fc0 (git)
60df9f55562a57173a11b6c7011eee40dfa48157 (git)
e95f62013a1159eeea752bb52df0683ee77f70ca (git)
4.4.288 (semver) before 4.5
4.9.286 (semver) before 4.10
4.14.250 (semver) before 4.15
4.19.210 (semver) before 4.20
5.4.152 (semver) before 5.5
5.10.72 (semver) before 5.11
5.14.11 (semver) before 5.15
5.15
Any version before 5.15
6.1.175 (semver)
6.6.140 (semver)
6.12.86 (semver)
6.18.27 (semver)
7.0.4 (semver)
7.1-rc1 (original_commit_for_fix)
References
git.kernel.org/...c/2c2c14b7dfccad8c5a28802849e40c21252e4c28
git.kernel.org/...c/262152ec37101f9dc524743ccdbd6c7641d14573
git.kernel.org/...c/b64b4f499801b12d0e2785447e4df6c164c608a9
git.kernel.org/...c/13e550fbfccdb311e76ec96892dfe35f0dba0657
git.kernel.org/...c/a95d38c5701431bfc826e7b18acc0785919d5c88
git.kernel.org/...c/1e111c4b3a726df1254670a5cc4868cedb946d37