CVE-2022-50640

SDIO tuple is only allocated for standard SDIO card, especially it causes memory corruption issues when the non-standard SDIO card has removed, which is because the card device's reference counter does not increase for it at sdioinitfunc(), but all SDIO card device reference counter gets decreased at sdioreleasefunc().

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50640.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

6f51be3d37dff73cf8db771df4169f4c2f1cbf66

Fixed

b8b2965932e702b21e335ff30e1bb550f5a23b6f

Fixed

b3275dde570b6420106a715bb58a0af041b94d95

Fixed

1fb79478695d92bab1c120ad3dad05252b02a29d

Fixed

7a09c64b7da0abdec3919812e3d93ecc44069ed0

Fixed

8bf037279b5869ae9331c42bb1527d2680ebba96

Fixed

1e8cd93ae536581562bab4e1d8c5315bbc2548bf

Fixed

66d461a92f32b6995b630625d350259b6b1f961b

Fixed

9972e6b404884adae9eec7463e30d9b3c9a70b18

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50640.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

2.6.36

Fixed

4.9.332

Type: ECOSYSTEM
Events: Introduced

4.10.0

Fixed

4.14.298

Type: ECOSYSTEM
Events: Introduced

4.15.0

Fixed

4.19.264

Type: ECOSYSTEM
Events: Introduced

4.20.0

Fixed

5.4.223

Type: ECOSYSTEM
Events: Introduced

5.5.0

Fixed

5.10.153

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.77

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.0.7

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50640.json"