CVE-2022-50653

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s mmc subsystem, specifically within the atmel-mci driver. The mmc add host() function may return an error, and failure to check this return value can lead to two issues. First, memory allocated by mmc alloc host() may be leaked. Second, in the removal process, mmc remove host() could be called on a device that was not properly added, resulting in a kernel crash due to a null pointer dereference in device del(). The issue stems from an inadequate check of the return value of the mmc add host() function.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.