CVE-2022-49120

scsi: pm8001: Fix task leak in pm8001_send_abort_all()

Published: 2/26/2025 Last updated: 5/4/2025 Reserved: 2/26/2025

In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix task leak in pm8001_send_abort_all() In pm8001_send_abort_all(), make sure to free the allocated sas task if pm8001_tag_alloc() or pm8001_mpi_build_cmd() fail.

CNA assigner: Linux (416baaa9-dc9f-4396-8d5f-8c081fb06d67) Requested by: n/a

Opam packages affected (27)

albatross cdrom conf-bpftool conf-libbpf conf-linux-libc-dev core core_unix hvsock mirage-block-unix mm ocaml-probes orun rawlink rawlink-eio rawlink-lwt shell solo5 solo5-bindings-hvt solo5-bindings-spt solo5-cross-aarch64 solo5-kernel-ukvm tracy-client tuntap uring vhd-format vhd-format-lwt xapi-stdext-unix

Products affected (2)

Product	Vendor	Version
Linux	Linux	< 6.3.9600.22175
Linux	Linux	Qualcomm215

References (5)

https://git.kernel.org/stable/c/2051044d7901f1a9d7be95d0d32e53b88e9548f7
https://git.kernel.org/stable/c/2290dcad6f65864dec518fb2d5fb45f67d684150
https://git.kernel.org/stable/c/146cae06d2682d7563732544be334e8e6d3862b8
https://git.kernel.org/stable/c/34c79d16ee69cb53288c202bb1ab0ba0130d9674
https://git.kernel.org/stable/c/f90a74892f3acf0cdec5844e90fc8686ca13e7d7