VDB

DEBIAN-CVE-2022-50840

DEBIAN-CVE-2022-50840 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible UAF in snic_tgt_create() Smatch reports a warning as follows: drivers/scsi/snic/snic_disc.c:307 snic_tgt_create() warn: '&tgt->list' not removed from list If device_add() fails in snic_tgt_create(), tgt will be freed, but tgt->list will not be removed from snic->disc.tgt_list, then list traversal may cause UAF. Remove from snic->disc.tgt_list before free().

Affected Products

VendorProductVersions
Debian:14linux0, 0, 0
Debian:11linux5.10.158-2, 5.10.92-2, 5.10.46-5
Debian:12linux0, 0, 0
Debian:13linux0, 0, 0

Timeline

  • Dec 30, 2025 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›