VYPR
Unrated severityNVD Advisory· Published Dec 30, 2025· Updated Apr 15, 2026

CVE-2022-50840

CVE-2022-50840

Description

In the Linux kernel, the following vulnerability has been resolved:

scsi: snic: Fix possible UAF in snic_tgt_create()

Smatch reports a warning as follows:

drivers/scsi/snic/snic_disc.c:307 snic_tgt_create() warn: '&tgt->list' not removed from list

If device_add() fails in snic_tgt_create(), tgt will be freed, but tgt->list will not be removed from snic->disc.tgt_list, then list traversal may cause UAF.

Remove from snic->disc.tgt_list before free().

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

88

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.