CVE-2022-49780

MEDIUM EPSS 7.4%
Published May 1, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published May 1, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus() If device_register() fails in tcm_loop_setup_hba_bus(), the name allocated by dev_set_name() need be freed. As comment of device_register() says, it should use put_device() to give up the reference in the error path. So fix this by calling put_device(), then the name can be freed in kobject_cleanup(). The 'tl_hba' will be freed in tcm_loop_release_adapter(), so it don't need goto error label in this case.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
7.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-401

Affected Products 10

VendorProductVersionRange
linuxlinux_kernel*≥2.6.39  –  <4.19.267
linuxlinux_kernel*≥4.20  –  <5.4.225
linuxlinux_kernel*≥5.5  –  <5.10.156
linuxlinux_kernel*≥5.11  –  <5.15.80
linuxlinux_kernel*≥5.16  –  <6.0.10
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any

References 6

  • git.kernel.org https://git.kernel.org/stable/c/28f7ff5e7559d226e63c7c5de74eb075a83d8c53
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/41a6b8b527a5957fab41c3c05e25ad125268e2e9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/75205f1b47a88c3fac4f30bd7567e89b2887c7fd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a636772988bafab89278e7bb3420d8e8eacfe912
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bc68e428d4963af0201e92159629ab96948f0893
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dce0589a3faec9e2e543e97bca7e62592ec85585
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/28f7ff5e7559d226e63c7c5de74eb075a83d8c53
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/41a6b8b527a5957fab41c3c05e25ad125268e2e9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/75205f1b47a88c3fac4f30bd7567e89b2887c7fd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a636772988bafab89278e7bb3420d8e8eacfe912
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bc68e428d4963af0201e92159629ab96948f0893
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dce0589a3faec9e2e543e97bca7e62592ec85585
    Patch