CVE-2022-50267

Sept. 15, 2025, 3:22 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: mmc: rtsx_pci: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deleting not added device in the remove path. So fix this by checking the return value and calling mmc_free_host() in the error path, beside, runtime PM also needs be disabled.

Product(s) Impacted

Vendor Product Versions
Linux
  • Linux Kernel
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a linux linux_kernel / / / / / / / /

References

https://git.kernel.org/stable/c/0c87db77423a282b3b38b8a6daf057b822680516
https://git.kernel.org/stable/c/30dc645461dfc63e52b3af8ee4a98e17bf14bacf
https://git.kernel.org/stable/c/5cd4e04eccaec140da6fa04db056a76282ee6852
https://git.kernel.org/stable/c/ffa9b2a79e3e959683efbad3f6db937eca9d38f5

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-09-15
CVE-2022-50267

Timeline

Published: Sept. 15, 2025, 3:15 p.m.
Last Modified: Sept. 15, 2025, 3:22 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.