CVE-2022-50827

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak exists in the lpfc create port() function within the Linux kernel's SCSI subsystem. The issue was introduced by commit 5e633302ace1, which added support for VMID in mailbox commands. When VMID resource allocation fails after a call to scsi host alloc(), the code branches to a return point that skips the necessary deallocation of resources, leading to a memory leak. The fix involves creating a dedicated label to unwind VMID resources before deallocating the SCSI host.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.