CVE-2022-50268

Summary

In the Linux kernel, the following vulnerability has been resolved:

mmc: moxart: fix return value check of mmc_add_host()

mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deleting not added device in the remove path.

So fix this by checking the return value and goto error path which will call mmc_free_host().

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1b66e94e6b9995323190f31c51d8e1a6f516627e < a4c765f5d8e58138cff69f1510b2e8942ec37022affected
LinuxLinux1b66e94e6b9995323190f31c51d8e1a6f516627e < a94d466f31a5201995d39bc1208e2c09ab04f0bfaffected
LinuxLinux1b66e94e6b9995323190f31c51d8e1a6f516627e < c7e9a2059fb943fc3c3fa12261518fd72a0fc136affected
LinuxLinux1b66e94e6b9995323190f31c51d8e1a6f516627e < b174f2b36c638fc7737df6c8aac1889a646be98faffected
LinuxLinux1b66e94e6b9995323190f31c51d8e1a6f516627e < 7c3b301ca8b0cab392c71da8fcdfa499074f8e97affected
LinuxLinux1b66e94e6b9995323190f31c51d8e1a6f516627e < f0502fe86a2db2336c9498d2de3e97f22dcf85aeaffected
LinuxLinux1b66e94e6b9995323190f31c51d8e1a6f516627e < 8f8bb62c7c5c833758ef1563fe738afd579c3efeaffected
LinuxLinux1b66e94e6b9995323190f31c51d8e1a6f516627e < 40aa73c70e8a5706f9cbe01409a5e51cc0f1750eaffected
LinuxLinux1b66e94e6b9995323190f31c51d8e1a6f516627e < 0ca18d09c744fb030ae9bc5836c3e357e0237deaaffected
LinuxLinux3.16affected
LinuxLinux0 < 3.16unaffected
LinuxLinux4.9.337 <= 4.9.*unaffected
LinuxLinux4.14.303 <= 4.14.*unaffected
LinuxLinux4.19.270 <= 4.19.*unaffected
LinuxLinux5.4.229 <= 5.4.*unaffected
LinuxLinux5.10.163 <= 5.10.*unaffected
LinuxLinux5.15.86 <= 5.15.*unaffected
LinuxLinux6.0.16 <= 6.0.*unaffected
LinuxLinux6.1.2 <= 6.1.*unaffected
LinuxLinux6.2 <= *unaffected

Weaknesses

References