CVE-2022-50646

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak exists in the hpsa init one() function within the SCSI subsystem of the Linux kernel. The hpda alloc ctlr info() function allocates memory for a controller information structure (h) and its reply map field. If alloc percpu() fails during initialization, the function prematurely jumps to a cleanup routine, freeing the controller structure (h) but failing to release the associated h->reply map, resulting in a memory leak. The fix involves calling hpda free ctlr info() to properly release both h->reply map and h before freeing h directly.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.