CVE-2022-49780 in LinuxИнформация

Сводка

по MITRE • 01.05.2025

In the Linux kernel, the following vulnerability has been resolved:

scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus()

If device_register() fails in tcm_loop_setup_hba_bus(), the name allocated by dev_set_name() need be freed. As comment of device_register() says, it should use put_device() to give up the reference in the error path. So fix this by calling put_device(), then the name can be freed in kobject_cleanup(). The 'tl_hba' will be freed in tcm_loop_release_adapter(), so it don't need goto error label in this case.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Ответственный

Linux

Резервировать

16.04.2025

Раскрытие

01.05.2025

Модерация

принято

Вход

VDB-306925

EPSS

0.00184

KEV

Нет

Деятельности

Очень низкий

Источники

Do you want to use VulDB in your project?

Use the official API to access entries easily!