CVE-2022-50858

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw in the mmc subsystem, specifically within the alcor driver. A missing return value check in the mmc add host() function can lead to a memory leak if the function returns an error. This memory leak occurs because memory allocated by mmc alloc host() is not freed. Subsequently, attempting to remove a device that was not properly added can cause a kernel crash. The issue is resolved by checking the return value of mmc add host() and calling mmc free host() in the error path.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.