{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2022-50840","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-12-30T12:06:07.133Z","datePublished":"2025-12-30T12:10:59.066Z","dateUpdated":"2026-05-11T19:26:07.823Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:26:07.823Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: snic: Fix possible UAF in snic_tgt_create()\n\nSmatch reports a warning as follows:\n\ndrivers/scsi/snic/snic_disc.c:307 snic_tgt_create() warn:\n  '&tgt->list' not removed from list\n\nIf device_add() fails in snic_tgt_create(), tgt will be freed, but\ntgt->list will not be removed from snic->disc.tgt_list, then list traversal\nmay cause UAF.\n\nRemove from snic->disc.tgt_list before free()."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/scsi/snic/snic_disc.c"],"versions":[{"version":"c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa","lessThan":"f9d8b8ba0f1a16cde0b1fc9e80466df76b6db8ff","status":"affected","versionType":"git"},{"version":"c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa","lessThan":"3772319e40527e6a5f2ec1d729e01f271d818f5c","status":"affected","versionType":"git"},{"version":"c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa","lessThan":"3007f96ca20c848d0b1b052df6d2cb5ae5586e78","status":"affected","versionType":"git"},{"version":"c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa","lessThan":"6866154c23fba40888ad6d554cccd4bf2edb755e","status":"affected","versionType":"git"},{"version":"c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa","lessThan":"ad27f74e901fc48729733c88818e6b96c813057d","status":"affected","versionType":"git"},{"version":"c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa","lessThan":"1895e908b3ae66a5312fd1b2cdda2da82993dca7","status":"affected","versionType":"git"},{"version":"c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa","lessThan":"c7f0f8dab1ae5def57c1a8a9cafd6fabe1dc27cc","status":"affected","versionType":"git"},{"version":"c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa","lessThan":"4141cd9e8b3379aea52a85d2c35f6eaf26d14e86","status":"affected","versionType":"git"},{"version":"c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa","lessThan":"e118df492320176af94deec000ae034cc92be754","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/scsi/snic/snic_disc.c"],"versions":[{"version":"4.2","status":"affected"},{"version":"0","lessThan":"4.2","status":"unaffected","versionType":"semver"},{"version":"4.9.337","lessThanOrEqual":"4.9.*","status":"unaffected","versionType":"semver"},{"version":"4.14.303","lessThanOrEqual":"4.14.*","status":"unaffected","versionType":"semver"},{"version":"4.19.270","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.229","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.163","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.86","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.0.16","lessThanOrEqual":"6.0.*","status":"unaffected","versionType":"semver"},{"version":"6.1.2","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.2","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"4.9.337"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"4.14.303"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"4.19.270"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"5.4.229"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"5.10.163"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"5.15.86"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"6.0.16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"6.1.2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"6.2"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/f9d8b8ba0f1a16cde0b1fc9e80466df76b6db8ff"},{"url":"https://git.kernel.org/stable/c/3772319e40527e6a5f2ec1d729e01f271d818f5c"},{"url":"https://git.kernel.org/stable/c/3007f96ca20c848d0b1b052df6d2cb5ae5586e78"},{"url":"https://git.kernel.org/stable/c/6866154c23fba40888ad6d554cccd4bf2edb755e"},{"url":"https://git.kernel.org/stable/c/ad27f74e901fc48729733c88818e6b96c813057d"},{"url":"https://git.kernel.org/stable/c/1895e908b3ae66a5312fd1b2cdda2da82993dca7"},{"url":"https://git.kernel.org/stable/c/c7f0f8dab1ae5def57c1a8a9cafd6fabe1dc27cc"},{"url":"https://git.kernel.org/stable/c/4141cd9e8b3379aea52a85d2c35f6eaf26d14e86"},{"url":"https://git.kernel.org/stable/c/e118df492320176af94deec000ae034cc92be754"}],"title":"scsi: snic: Fix possible UAF in snic_tgt_create()","x_generator":{"engine":"bippy-1.2.0"}}}}