CVE-2022-50267

MEDIUM EPSS 4.2%
Published Sep 15, 20259mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Sep 15, 2025 9mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: mmc: rtsx_pci: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deleting not added device in the remove path. So fix this by checking the return value and calling mmc_free_host() in the error path, beside, runtime PM also needs be disabled.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
4.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 3

VendorProductVersionRange
linuxlinux_kernel*≥3.8  –  <5.15.86
linuxlinux_kernel*≥5.16  –  <6.0.16
linuxlinux_kernel*≥6.1  –  <6.1.2

References 4

  • git.kernel.org https://git.kernel.org/stable/c/0c87db77423a282b3b38b8a6daf057b822680516
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/30dc645461dfc63e52b3af8ee4a98e17bf14bacf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5cd4e04eccaec140da6fa04db056a76282ee6852
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ffa9b2a79e3e959683efbad3f6db937eca9d38f5
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/0c87db77423a282b3b38b8a6daf057b822680516
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/30dc645461dfc63e52b3af8ee4a98e17bf14bacf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5cd4e04eccaec140da6fa04db056a76282ee6852
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ffa9b2a79e3e959683efbad3f6db937eca9d38f5
    Patch