CVE-2022-50670

Source
https://cve.org/CVERecord?id=CVE-2022-50670
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50670.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-50670
Downstream
Related
Published
2025-12-09T01:29:21.864Z
Modified
2026-06-18T03:57:03.190293195Z
Summary
mmc: omap_hsmmc: fix return value check of mmc_add_host()
Details

In the Linux kernel, the following vulnerability has been resolved:

mmc: omaphsmmc: fix return value check of mmcadd_host()

mmcaddhost() may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmcallochost() is leaked. 2. In the remove() path, mmcremovehost() will be called to delete device, but it's not added yet, it will lead a kernel crash because of null-ptr-deref in device_del().

Fix this by checking the return value and goto error path wihch will call mmcfreehost().

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50670.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
a45c6cb816474cefe56059fce422a9bdcd77e0dc
Fixed
f153c9e15f8961bdf38707853e15b42ea7c691d9
Fixed
fb3d596267a98813a7a8206097d8d46c98505a0d
Fixed
62005dfcc396424db3337a1dc3ab49623537f5e5
Fixed
a5f8a4583280a76e50329b910e91ef1dea1e6c79
Fixed
4e1dc24bcfc8257f24c0663badec7e4f3ae80558
Fixed
a525cad241c339ca00bf7ebf03c5180f2a9b767c

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50670.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.6.29
Fixed
5.4.229
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.163
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.86
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.0.16
Type
ECOSYSTEM
Events
Introduced
6.1.0
Fixed
6.1.2

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50670.json"