CVE-2022-48650

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-48650
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48650.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-48650
Published
2024-04-28T13:00:37Z
Modified
2025-10-08T06:36:48.945216Z
Severity
  • 4.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
scsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts()
Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts()

Commit 8f394da36a36 ("scsi: qla2xxx: Drop TARGET_SCF_LOOKUP_LUN_FROM_TAG") made the __qlt_24xx_handle_abts() function return early if tcm_qla2xxx_find_cmd_by_tag() didn't find a command, but it missed to clean up the allocated memory for the management command.

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
8f394da36a361cbe0e1e8b1d4213e5598c8095ac
Fixed
89df49e561b4a8948521fc3f8a013012eaa08f82
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
8f394da36a361cbe0e1e8b1d4213e5598c8095ac
Fixed
6a4236ed47f5b0a57eb6b8fb1c351b15b3d341d7
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
8f394da36a361cbe0e1e8b1d4213e5598c8095ac
Fixed
601be20fc6a1b762044d2398befffd6bf236cebf

Affected versions

v5.*

v5.10
v5.10-rc2
v5.10-rc3
v5.10-rc4
v5.10-rc5
v5.10-rc6
v5.10-rc7
v5.11
v5.11-rc1
v5.11-rc2
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.33
v5.15.34
v5.15.35
v5.15.36
v5.15.37
v5.15.38
v5.15.39
v5.15.4
v5.15.40
v5.15.41
v5.15.42
v5.15.43
v5.15.44
v5.15.45
v5.15.46
v5.15.47
v5.15.48
v5.15.49
v5.15.5
v5.15.50
v5.15.51
v5.15.52
v5.15.53
v5.15.54
v5.15.55
v5.15.56
v5.15.57
v5.15.58
v5.15.59
v5.15.6
v5.15.60
v5.15.61
v5.15.62
v5.15.63
v5.15.64
v5.15.65
v5.15.66
v5.15.67
v5.15.68
v5.15.69
v5.15.7
v5.15.70
v5.15.8
v5.15.9
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v5.19.1
v5.19.10
v5.19.11
v5.19.2
v5.19.3
v5.19.4
v5.19.5
v5.19.6
v5.19.7
v5.19.8
v5.19.9

v6.*

v6.0-rc1

Database specific


Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.71
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
5.19.12