CVE-2022-50493Missing Synchronization in Linux

CWE-820Missing Synchronization5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 96.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 4

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash when I/O abort times out While performing CPU hotplug, a crash with the following stack was seen: Call Trace: qla24xx_process_response_queue+0x42a/0x970 [qla2xxx] qla2x00_start_nvme_mq+0x3a2/0x4b0 [qla2xxx] qla_nvme_post_cmd+0x166/0x240 [qla2xxx] nvme_fc_start_fcp_op.part.0+0x119/0x2e0 [nvme_fc] blk_mq_dispatch_rq_list+0x17b/0x610 __blk_mq_sched_dispatch_requests+0xb0/0x140 blk_mq_sched_dispatch_reque

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel5.3.175.4+3
Debianlinux/linux_kernel< 6.1.4-1+2
CVEListV5linux/linux71c80b75ce8f08c0978ce9a9816b81b5c3ce5e12d3871af13aa03fbbe7fbb812eaf140501229a72e+6
debiandebian/linux< linux 6.1.4-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
OSV
CVE-2022-50493: In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash when I/O abort times out While performing CPU hotplug, a2025-10-04
GHSA
GHSA-j4m7-gjwp-4ff2: In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash when I/O abort times out While performing CPU hotplug,2025-10-04

📋Vendor Advisories

2
Red Hat
kernel: scsi: qla2xxx: Fix crash when I/O abort times out2025-10-04
Debian
CVE-2022-50493: linux - In the Linux kernel, the following vulnerability has been resolved: scsi: qla2x...2022