CVE-2022-49160

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-49160
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49160.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-49160
Downstream
Related
Published
2025-02-26T01:55:22.562Z
Modified
2025-11-14T18:15:26.267974Z
Summary
scsi: qla2xxx: Fix crash during module load unload test
Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: qla2xxx: Fix crash during module load unload test

During purex packet handling the driver was incorrectly freeing a pre-allocated structure. Fix this by skipping that entry.

System crashed with the following stack during a module unload test.

Call Trace: sbitmapinitnode+0x7f/0x1e0 sbitmapqueueinitnode+0x24/0x150 blkmqinitbitmaps+0x3d/0xa0 blkmqinittags+0x68/0x90 blkmqallocmapandrqs+0x44/0x120 blkmqallocsetmapandrqs+0x63/0x150 blkmqalloctagset+0x11b/0x230 scsiaddhostwithdma.cold+0x3f/0x245 qla2x00probeone+0xd5a/0x1b80 [qla2xxx]

Call Trace with slubdebug and debug kernel: kasanreportinvalidfree+0x50/0x80 _kasanslabfree+0x137/0x150 slabfreefreelisthook+0xc6/0x190 kfree+0xe8/0x2e0 qla2x00freedevice+0x3bb/0x5d0 [qla2xxx] qla2x00removeone+0x668/0xcf0 [qla2xxx]

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
62e9dd177732843ae6c5b9d2ed61e7c9538fa276
Fixed
9b7eb92dac240ab3bc83e188d83a3df834b41eb2
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
62e9dd177732843ae6c5b9d2ed61e7c9538fa276
Fixed
213e57b42537f1a2e5395caa9d7189854133ed12
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
62e9dd177732843ae6c5b9d2ed61e7c9538fa276
Fixed
67f744f73eba870ab96411d0310e831a4adc3713
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
62e9dd177732843ae6c5b9d2ed61e7c9538fa276
Fixed
0972252450f90db56dd5415a20e2aec21a08d036

Affected versions

v5.*

v5.10
v5.10-rc1
v5.10-rc2
v5.10-rc3
v5.10-rc4
v5.10-rc5
v5.10-rc6
v5.10-rc7
v5.11
v5.11-rc1
v5.11-rc2
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.33
v5.15.34
v5.15.35
v5.15.36
v5.15.37
v5.15.38
v5.15.39
v5.15.4
v5.15.40
v5.15.41
v5.15.42
v5.15.43
v5.15.44
v5.15.45
v5.15.46
v5.15.47
v5.15.48
v5.15.49
v5.15.5
v5.15.50
v5.15.51
v5.15.52
v5.15.53
v5.15.6
v5.15.7
v5.15.8
v5.15.9
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.16.1
v5.16.10
v5.16.11
v5.16.12
v5.16.13
v5.16.14
v5.16.15
v5.16.16
v5.16.17
v5.16.18
v5.16.2
v5.16.3
v5.16.4
v5.16.5
v5.16.6
v5.16.7
v5.16.8
v5.16.9
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.17.1
v5.8
v5.8-rc2
v5.8-rc3
v5.8-rc4
v5.8-rc5
v5.8-rc6
v5.8-rc7
v5.9
v5.9-rc1
v5.9-rc2
v5.9-rc3
v5.9-rc4
v5.9-rc5
v5.9-rc6
v5.9-rc7
v5.9-rc8

Database specific

vanir_signatures

[
    {
        "signature_type": "Line",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@67f744f73eba870ab96411d0310e831a4adc3713",
        "target": {
            "file": "drivers/scsi/qla2xxx/qla_os.c"
        },
        "id": "CVE-2022-49160-0785cd50",
        "digest": {
            "line_hashes": [
                "165146308202394882760571200926009786620",
                "60150589096835717201247581516833774914",
                "282895955599528340690020750362594151514",
                "340258904661328825290685451089326906452"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0972252450f90db56dd5415a20e2aec21a08d036",
        "target": {
            "file": "drivers/scsi/qla2xxx/qla_os.c",
            "function": "qla24xx_free_purex_list"
        },
        "id": "CVE-2022-49160-2588e2d2",
        "digest": {
            "function_hash": "164072159768805924070270685048914253146",
            "length": 276.0
        },
        "signature_version": "v1"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9b7eb92dac240ab3bc83e188d83a3df834b41eb2",
        "target": {
            "file": "drivers/scsi/qla2xxx/qla_os.c",
            "function": "qla24xx_free_purex_list"
        },
        "id": "CVE-2022-49160-276e42b7",
        "digest": {
            "function_hash": "164072159768805924070270685048914253146",
            "length": 276.0
        },
        "signature_version": "v1"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9b7eb92dac240ab3bc83e188d83a3df834b41eb2",
        "target": {
            "file": "drivers/scsi/qla2xxx/qla_os.c"
        },
        "id": "CVE-2022-49160-2aca52db",
        "digest": {
            "line_hashes": [
                "165146308202394882760571200926009786620",
                "60150589096835717201247581516833774914",
                "282895955599528340690020750362594151514",
                "340258904661328825290685451089326906452"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@213e57b42537f1a2e5395caa9d7189854133ed12",
        "target": {
            "file": "drivers/scsi/qla2xxx/qla_os.c",
            "function": "qla24xx_free_purex_list"
        },
        "id": "CVE-2022-49160-465bfa5b",
        "digest": {
            "function_hash": "164072159768805924070270685048914253146",
            "length": 276.0
        },
        "signature_version": "v1"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0972252450f90db56dd5415a20e2aec21a08d036",
        "target": {
            "file": "drivers/scsi/qla2xxx/qla_os.c"
        },
        "id": "CVE-2022-49160-483dbfc3",
        "digest": {
            "line_hashes": [
                "165146308202394882760571200926009786620",
                "60150589096835717201247581516833774914",
                "282895955599528340690020750362594151514",
                "340258904661328825290685451089326906452"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@213e57b42537f1a2e5395caa9d7189854133ed12",
        "target": {
            "file": "drivers/scsi/qla2xxx/qla_os.c"
        },
        "id": "CVE-2022-49160-ded1f988",
        "digest": {
            "line_hashes": [
                "165146308202394882760571200926009786620",
                "60150589096835717201247581516833774914",
                "282895955599528340690020750362594151514",
                "340258904661328825290685451089326906452"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@67f744f73eba870ab96411d0310e831a4adc3713",
        "target": {
            "file": "drivers/scsi/qla2xxx/qla_os.c",
            "function": "qla24xx_free_purex_list"
        },
        "id": "CVE-2022-49160-e999cb3d",
        "digest": {
            "function_hash": "164072159768805924070270685048914253146",
            "length": 276.0
        },
        "signature_version": "v1"
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.9.0
Fixed
5.15.54
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
5.16.19
Type
ECOSYSTEM
Events
Introduced
5.17.0
Fixed
5.17.2