CVE-2022-50353 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

mmc: wmt-sdmmc: fix return value check of mmc_add_host()

mmc_add_host() may return error, if we ignore its return value, the memory
that allocated in mmc_alloc_host() will be leaked and it will lead a kernel
crash because of deleting not added device in the remove path.

So fix this by checking the return value and goto error path which will call
mmc_free_host(), besides, clk_disable_unprepare() also needs be called.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/29276d56f6ed138db0f38cd31aedc0b725c8c76c
https://git.kernel.org/stable/c/58c3a8d0f1abeb1ca5c2df948be58ad4f7bb6f67
https://git.kernel.org/stable/c/70b0620afab3c69d95a7e2dd7ceff162a21c4009
https://git.kernel.org/stable/c/9bedf64dda84b29151e41591d8ded9ff0e6d336a
https://git.kernel.org/stable/c/b40ac3b696a9c84b36211ef0c3f5a422650c101b
https://git.kernel.org/stable/c/c7a328cea791cc2769b6417943939420913b4a46
https://git.kernel.org/stable/c/eb7a2d516d4fbd165c07877a20feccb047342b1f
https://git.kernel.org/stable/c/ecd6f77af3478f5223aa4011642a891b7dc91228

History

Wed, 17 Sep 2025 15:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: mmc: wmt-sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deleting not added device in the remove path. So fix this by checking the return value and goto error path which will call mmc_free_host(), besides, clk_disable_unprepare() also needs be called.
Title		mmc: wmt-sdmmc: fix return value check of mmc_add_host()
References		https://git.kernel.org/stable/c/29276d56f6ed138db0f38cd31aedc0b725c8c76c https://git.kernel.org/stable/c/58c3a8d0f1abeb1ca5c2df948be58ad4f7bb6f67 https://git.kernel.org/stable/c/70b0620afab3c69d95a7e2dd7ceff162a21c4009 https://git.kernel.org/stable/c/9bedf64dda84b29151e41591d8ded9ff0e6d336a https://git.kernel.org/stable/c/b40ac3b696a9c84b36211ef0c3f5a422650c101b https://git.kernel.org/stable/c/c7a328cea791cc2769b6417943939420913b4a46 https://git.kernel.org/stable/c/eb7a2d516d4fbd165c07877a20feccb047342b1f https://git.kernel.org/stable/c/ecd6f77af3478f5223aa4011642a891b7dc91228

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-09-17T14:56:06.761Z

Updated: 2025-09-17T14:56:06.761Z

Reserved: 2025-09-16T16:03:27.882Z

Link: CVE-2022-50353

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-09-17T15:15:33.270

Modified: 2025-09-17T15:15:33.270

Link: CVE-2022-50353

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object