DEBIAN-CVE-2022-50827
- Source
- https://security-tracker.debian.org/tracker/CVE-2022-50827
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2022-50827.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2022-50827
- Upstream
- Published
- 2025-12-30T13:15:57.163Z
- Modified
- 2025-12-31T11:20:52.009173Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix memory leak in lpfccreateport() Commit 5e633302ace1 ("scsi: lpfc: vmid: Add support for VMID in mailbox command") introduced allocations for the VMID resources in lpfccreateport() after the call to scsihostalloc(). Upon failure on the VMID allocations, the new code would branch to the 'out' label, which returns NULL without unwinding anything, thus skipping the call to scsihostput(). Fix the problem by creating a separate label 'outfreevmid' to unwind the VMID resources and make the 'outputshost' label call only scsihostput(), as was done before the introduction of allocations for VMID.
- References
Affected packages
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source