CVE-2022-49780

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-49780
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49780.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-49780
Downstream
Related
Published
2025-05-01T14:09:15.135Z
Modified
2026-03-20T11:47:13.895007Z
Summary
scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus()
Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: target: tcmloop: Fix possible name leak in tcmloopsetuphba_bus()

If deviceregister() fails in tcmloopsetuphbabus(), the name allocated by devsetname() need be freed. As comment of deviceregister() says, it should use putdevice() to give up the reference in the error path. So fix this by calling putdevice(), then the name can be freed in kobjectcleanup(). The 'tlhba' will be freed in tcmlooprelease_adapter(), so it don't need goto error label in this case.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49780.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
3703b2c5d041a68095cdd22380c23ce27d449ad7
Fixed
41a6b8b527a5957fab41c3c05e25ad125268e2e9
Fixed
28f7ff5e7559d226e63c7c5de74eb075a83d8c53
Fixed
75205f1b47a88c3fac4f30bd7567e89b2887c7fd
Fixed
a636772988bafab89278e7bb3420d8e8eacfe912
Fixed
dce0589a3faec9e2e543e97bca7e62592ec85585
Fixed
bc68e428d4963af0201e92159629ab96948f0893

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49780.json"