SB2025091668 - Memory leak in Linux kernel qlogic qlcnic driver
Published: September 16, 2025 Updated: September 22, 2025
Security Bulletin ID
SB2025091668
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2022-50288)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qlcnic_probe() function in drivers/net/ethernet/qlogic/qlcnic/qlcnic_main.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/13a7c8964afcd8ca43c0b6001ebb0127baa95362
- https://git.kernel.org/stable/c/36999236f0b12d5de21a6f40e93b570727b9ceb2
- https://git.kernel.org/stable/c/513787ff9a331b461115e8a145a983d650a84fcb
- https://git.kernel.org/stable/c/8df1dc04ce0e4c03b51a756749c250a9cb17d707
- https://git.kernel.org/stable/c/8f97eeb02a553cdc78c83a0596448a370e1518c4
- https://git.kernel.org/stable/c/95df720e64a6409d8152827a776c43f615e3321a
- https://git.kernel.org/stable/c/a2a694e6edbdb3efb34e1613a31fdcf6cf444a55
- https://git.kernel.org/stable/c/d12a7510293d3370b234b0b7c5eda33e58786768
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.270