{"id":"CVE-2022-50886","summary":"mmc: toshsd: fix return value check of mmc_add_host()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: toshsd: fix return value check of mmc_add_host()\n\nmmc_add_host() may return error, if we ignore its return value, the memory\nthat allocated in mmc_alloc_host() will be leaked and it will lead a kernel\ncrash because of deleting not added device in the remove path.\n\nSo fix this by checking the return value and goto error path which will call\nmmc_free_host(), besides, free_irq() also needs be called.","modified":"2026-04-02T08:28:49.376212Z","published":"2025-12-30T12:34:12.782Z","related":["SUSE-SU-2026:0263-1","SUSE-SU-2026:0317-1","SUSE-SU-2026:0411-1","SUSE-SU-2026:0617-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50886.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/3329e7b7132ca727263fb0ee214cf52cc6dcaaad"},{"type":"WEB","url":"https://git.kernel.org/stable/c/34ae492f8d172f0bd193c24cad588b35419ea47a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3dbb69a0242c31ea4c9eee22b1c41b515fe509a0"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4f6cb1c685f9e20a4a9fa565e442f5af4dad70ff"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6444079767b68b1fbed0e7668081146e80dcb719"},{"type":"WEB","url":"https://git.kernel.org/stable/c/647e370dd0ef7e212d8d014bda748e461eab2e8c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/aabbedcb6c9a72d12d35dc672e83f0c8064d8a61"},{"type":"WEB","url":"https://git.kernel.org/stable/c/bfd77b194c94aefbde4efc30ddf8607dd9244672"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f670744a316ea983113a65313dcd387b5a992444"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50886.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-50886"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"a5eb8bbd66ccf9f169419f9652544aec771b7c57"},{"fixed":"34ae492f8d172f0bd193c24cad588b35419ea47a"},{"fixed":"3329e7b7132ca727263fb0ee214cf52cc6dcaaad"},{"fixed":"4f6cb1c685f9e20a4a9fa565e442f5af4dad70ff"},{"fixed":"3dbb69a0242c31ea4c9eee22b1c41b515fe509a0"},{"fixed":"aabbedcb6c9a72d12d35dc672e83f0c8064d8a61"},{"fixed":"6444079767b68b1fbed0e7668081146e80dcb719"},{"fixed":"647e370dd0ef7e212d8d014bda748e461eab2e8c"},{"fixed":"bfd77b194c94aefbde4efc30ddf8607dd9244672"},{"fixed":"f670744a316ea983113a65313dcd387b5a992444"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50886.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"3.19.0"},{"fixed":"4.9.337"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.10.0"},{"fixed":"4.14.303"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.15.0"},{"fixed":"4.19.270"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.20.0"},{"fixed":"5.4.229"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.163"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.86"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.0.16"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.1.0"},{"fixed":"6.1.2"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50886.json"}}],"schema_version":"1.7.5"}