CVE-2022-50886

Summary

In the Linux kernel, the following vulnerability has been resolved:

mmc: toshsd: fix return value check of mmc_add_host()

mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deleting not added device in the remove path.

So fix this by checking the return value and goto error path which will call mmc_free_host(), besides, free_irq() also needs be called.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxa5eb8bbd66ccf9f169419f9652544aec771b7c57 < 34ae492f8d172f0bd193c24cad588b35419ea47aaffected
LinuxLinuxa5eb8bbd66ccf9f169419f9652544aec771b7c57 < 3329e7b7132ca727263fb0ee214cf52cc6dcaaadaffected
LinuxLinuxa5eb8bbd66ccf9f169419f9652544aec771b7c57 < 4f6cb1c685f9e20a4a9fa565e442f5af4dad70ffaffected
LinuxLinuxa5eb8bbd66ccf9f169419f9652544aec771b7c57 < 3dbb69a0242c31ea4c9eee22b1c41b515fe509a0affected
LinuxLinuxa5eb8bbd66ccf9f169419f9652544aec771b7c57 < aabbedcb6c9a72d12d35dc672e83f0c8064d8a61affected
LinuxLinuxa5eb8bbd66ccf9f169419f9652544aec771b7c57 < 6444079767b68b1fbed0e7668081146e80dcb719affected
LinuxLinuxa5eb8bbd66ccf9f169419f9652544aec771b7c57 < 647e370dd0ef7e212d8d014bda748e461eab2e8caffected
LinuxLinuxa5eb8bbd66ccf9f169419f9652544aec771b7c57 < bfd77b194c94aefbde4efc30ddf8607dd9244672affected
LinuxLinuxa5eb8bbd66ccf9f169419f9652544aec771b7c57 < f670744a316ea983113a65313dcd387b5a992444affected
LinuxLinux3.19affected
LinuxLinux0 < 3.19unaffected
LinuxLinux4.9.337 <= 4.9.*unaffected
LinuxLinux4.14.303 <= 4.14.*unaffected
LinuxLinux4.19.270 <= 4.19.*unaffected
LinuxLinux5.4.229 <= 5.4.*unaffected
LinuxLinux5.10.163 <= 5.10.*unaffected
LinuxLinux5.15.86 <= 5.15.*unaffected
LinuxLinux6.0.16 <= 6.0.*unaffected
LinuxLinux6.1.2 <= 6.1.*unaffected
LinuxLinux6.2 <= *unaffected

Weaknesses

References