CVE-2022-49120

medium

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix task leak in pm8001_send_abort_all() In pm8001_send_abort_all(), make sure to free the allocated sas task if pm8001_tag_alloc() or pm8001_mpi_build_cmd() fail.

References

https://git.kernel.org/stable/c/f90a74892f3acf0cdec5844e90fc8686ca13e7d7

https://git.kernel.org/stable/c/34c79d16ee69cb53288c202bb1ab0ba0130d9674

https://git.kernel.org/stable/c/2290dcad6f65864dec518fb2d5fb45f67d684150

https://git.kernel.org/stable/c/2051044d7901f1a9d7be95d0d32e53b88e9548f7

https://git.kernel.org/stable/c/146cae06d2682d7563732544be334e8e6d3862b8

Details

Source: Mitre, NVD

Published: 2025-02-26

Updated: 2025-02-26

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00027