Memory Leak Vulnerability in Linux Kernel Affecting Device Management
CVE-2022-50886

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
30 December 2025

What is CVE-2022-50886?

A vulnerability exists in the Linux kernel related to the mmc_add_host() function, where failure to check its return value can lead to a memory leak. If this oversight is ignored, it can cause the system to crash when trying to remove a device that was not successfully added. The vulnerability has been addressed by ensuring that the return value of mmc_add_host() is properly checked. In addition, corrective measures include releasing allocated resources and interrupt lines to prevent data loss and improve system stability.

Affected Version(s)

Linux a5eb8bbd66ccf9f169419f9652544aec771b7c57 < 34ae492f8d172f0bd193c24cad588b35419ea47a

Linux a5eb8bbd66ccf9f169419f9652544aec771b7c57 < 3329e7b7132ca727263fb0ee214cf52cc6dcaaad

Linux a5eb8bbd66ccf9f169419f9652544aec771b7c57 < 4f6cb1c685f9e20a4a9fa565e442f5af4dad70ff

References

https://git.kernel.org/stable/c/34ae492f8d172f0bd193c24ca...
https://git.kernel.org/stable/c/3329e7b7132ca727263fb0ee2...
https://git.kernel.org/stable/c/4f6cb1c685f9e20a4a9fa565e...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2022-50886 : Memory Leak Vulnerability in Linux Kernel Affecting Device Management