CVE-2022-50886

EUVD-2022-55910
In the Linux kernel, the following vulnerability has been resolved:

mmc: toshsd: fix return value check of mmc_add_host()

mmc_add_host() may return error, if we ignore its return value, the memory
that allocated in mmc_alloc_host() will be leaked and it will lead a kernel
crash because of deleting not added device in the remove path.

So fix this by checking the return value and goto error path which will call
mmc_free_host(), besides, free_irq() also needs be called.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 14%
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.148-1
fixed
bookworm (security)
6.1.158-1
fixed
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.247-1
fixed
forky
6.17.13-1
fixed
sid
6.17.13-1
fixed
trixie
6.12.57-1
fixed
trixie (security)
6.12.48-1
fixed
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/3329e7b7132ca727263fb0ee214cf52cc6dcaaad
https://git.kernel.org/stable/c/34ae492f8d172f0bd193c24cad588b35419ea47a
https://git.kernel.org/stable/c/3dbb69a0242c31ea4c9eee22b1c41b515fe509a0
https://git.kernel.org/stable/c/4f6cb1c685f9e20a4a9fa565e442f5af4dad70ff
https://git.kernel.org/stable/c/6444079767b68b1fbed0e7668081146e80dcb719
https://git.kernel.org/stable/c/647e370dd0ef7e212d8d014bda748e461eab2e8c
https://git.kernel.org/stable/c/aabbedcb6c9a72d12d35dc672e83f0c8064d8a61
https://git.kernel.org/stable/c/bfd77b194c94aefbde4efc30ddf8607dd9244672
https://git.kernel.org/stable/c/f670744a316ea983113a65313dcd387b5a992444