How severe is CVE-2022-48650?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.7 out of 10.

What type of vulnerability is CVE-2022-48650?

This is classified as CWE-401, which is a common weakness in software security.

CVE-2022-48650 - MEDIUM Severity | CVSS 4.7

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts() Commit 8f394da36a36 ("scsi: qla2xxx: Drop TARGET_SCF_LOOKUP_LUN_FROM_TAG") made the __qlt_24xx_handle_abts() function return early if tcm_qla2xxx_find_cmd_by_tag() didn't find a command, but it missed to clean up the allocated memory for the management command.

Related Vulnerabilities

CVE-2018-0832

MEDIUM

CVSS:4.7(Medium)

The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure ...

CWE-4012018

CVE-2018-0895

MEDIUM

CVSS:4.7(Medium)

The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 ...

CWE-4012018

CVE-2018-0901

MEDIUM

CVSS:4.7(Medium)

CWE-4012018

CVE-2019-15807

MEDIUM

CVSS:4.7(Medium)

In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.

CWE-4012019

CVE-2019-15921

MEDIUM

CVSS:4.7(Medium)

An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c.

CWE-4012019

CVE-2019-16994

MEDIUM

CVSS:4.7(Medium)

In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b...

CWE-4012019