CVE-2022-50640

In the Linux kernel, the following vulnerability has been resolved:

mmc: core: Fix kernel panic when remove non-standard SDIO card

SDIO tuple is only allocated for standard SDIO card, especially it causes
memory corruption issues when the non-standard SDIO card has removed, which
is because the card device's reference counter does not increase for it at
sdio_init_func(), but all SDIO card device reference counter gets decreased
at sdio_release_func().
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.244-1
fixed
bookworm
6.1.148-1
fixed
bookworm (security)
6.1.158-1
fixed
trixie
6.12.57-1
fixed
trixie (security)
6.12.48-1
fixed
forky
6.17.9-1
fixed
sid
6.17.11-1
fixed
References
https://git.kernel.org/stable/c/1e8cd93ae536581562bab4e1d8c5315bbc2548bf
https://git.kernel.org/stable/c/1fb79478695d92bab1c120ad3dad05252b02a29d
https://git.kernel.org/stable/c/66d461a92f32b6995b630625d350259b6b1f961b
https://git.kernel.org/stable/c/7a09c64b7da0abdec3919812e3d93ecc44069ed0
https://git.kernel.org/stable/c/8bf037279b5869ae9331c42bb1527d2680ebba96
https://git.kernel.org/stable/c/9972e6b404884adae9eec7463e30d9b3c9a70b18
https://git.kernel.org/stable/c/b3275dde570b6420106a715bb58a0af041b94d95
https://git.kernel.org/stable/c/b8b2965932e702b21e335ff30e1bb550f5a23b6f