CVE-2022-50886 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

mmc: toshsd: fix return value check of mmc_add_host()

mmc_add_host() may return error, if we ignore its return value, the memory
that allocated in mmc_alloc_host() will be leaked and it will lead a kernel
crash because of deleting not added device in the remove path.

So fix this by checking the return value and goto error path which will call
mmc_free_host(), besides, free_irq() also needs be called.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/3329e7b7132ca727263fb0ee214cf52cc6dcaaad
https://git.kernel.org/stable/c/34ae492f8d172f0bd193c24cad588b35419ea47a
https://git.kernel.org/stable/c/3dbb69a0242c31ea4c9eee22b1c41b515fe509a0
https://git.kernel.org/stable/c/4f6cb1c685f9e20a4a9fa565e442f5af4dad70ff
https://git.kernel.org/stable/c/6444079767b68b1fbed0e7668081146e80dcb719
https://git.kernel.org/stable/c/647e370dd0ef7e212d8d014bda748e461eab2e8c
https://git.kernel.org/stable/c/aabbedcb6c9a72d12d35dc672e83f0c8064d8a61
https://git.kernel.org/stable/c/bfd77b194c94aefbde4efc30ddf8607dd9244672
https://git.kernel.org/stable/c/f670744a316ea983113a65313dcd387b5a992444

History

Tue, 30 Dec 2025 12:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: mmc: toshsd: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deleting not added device in the remove path. So fix this by checking the return value and goto error path which will call mmc_free_host(), besides, free_irq() also needs be called.
Title		mmc: toshsd: fix return value check of mmc_add_host()
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/3329e7b7132ca727263fb0ee214cf52cc6dcaaad https://git.kernel.org/stable/c/34ae492f8d172f0bd193c24cad588b35419ea47a https://git.kernel.org/stable/c/3dbb69a0242c31ea4c9eee22b1c41b515fe509a0 https://git.kernel.org/stable/c/4f6cb1c685f9e20a4a9fa565e442f5af4dad70ff https://git.kernel.org/stable/c/6444079767b68b1fbed0e7668081146e80dcb719 https://git.kernel.org/stable/c/647e370dd0ef7e212d8d014bda748e461eab2e8c https://git.kernel.org/stable/c/aabbedcb6c9a72d12d35dc672e83f0c8064d8a61 https://git.kernel.org/stable/c/bfd77b194c94aefbde4efc30ddf8607dd9244672 https://git.kernel.org/stable/c/f670744a316ea983113a65313dcd387b5a992444

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-12-30T12:34:12.782Z

Updated: 2025-12-30T12:34:12.782Z

Reserved: 2025-12-30T12:26:05.425Z

Link: CVE-2022-50886

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-12-30T13:16:03.720

Modified: 2025-12-30T13:16:03.720

Link: CVE-2022-50886

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

Metrics

Affected Vendors & Products

Projects

Metrics

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object