UBUNTU-CVE-2022-50618
Vulnerability Summary
Timeline
Description
In the Linux kernel, the following vulnerability has been resolved: mmc: meson-gx: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmc_alloc_host() is leaked. 2. In the remove() path, mmc_remove_host() will be called to delete device, but it's not added yet, it will lead a kernel crash because of null-ptr-deref in device_del(). Fix this by checking the return value and goto error path which will call mmc_free_host().
Affected Systems
- ubuntu•linux
< 4.15.0-208.220 | < 5.4.0-144.161 | < 5.15.0-69.76
- ubuntu•linux-allwinner-5.19
all
- ubuntu•linux-aws
< 4.15.0-1153.166 | < 5.4.0-1097.105 | < 5.15.0-1033.37
- ubuntu•linux-aws-5.0
all
- ubuntu•linux-aws-5.11
all
- ubuntu•linux-aws-5.13
all
- ubuntu•linux-aws-5.15
< 5.15.0-1033.37~20.04.1
- ubuntu•linux-aws-5.19
all
- ubuntu•linux-aws-5.3
all
- ubuntu•linux-aws-5.4
< 5.4.0-1097.105~18.04.1
- ubuntu•linux-aws-5.8
all
- ubuntu•linux-aws-6.2
all
- ubuntu•linux-aws-6.5
all
- ubuntu•linux-aws-fips
< 4.15.0-2092.98 | all | < 5.4.0-1099.107+fips1
- ubuntu•linux-aws-hwe
< 4.15.0-1153.166~16.04.1
- ubuntu•linux-azure
< 4.15.0-1162.177~14.04.1 | < 4.15.0-1162.177~16.04.1 | all | < 5.4.0-1104.110 | < 5.15.0-1035.42
- ubuntu•linux-azure-4.15
< 4.15.0-1162.177
- ubuntu•linux-azure-5.11
all
- ubuntu•linux-azure-5.13
all
- ubuntu•linux-azure-5.15
< 5.15.0-1035.42~20.04.1
- ubuntu•linux-azure-5.19
all
- ubuntu•linux-azure-5.3
all
- ubuntu•linux-azure-5.4
< 5.4.0-1104.110~18.04.1
- ubuntu•linux-azure-5.8
all
- ubuntu•linux-azure-6.11
all
- ubuntu•linux-azure-6.2
all
- ubuntu•linux-azure-6.5
all
- ubuntu•linux-azure-edge
all
- ubuntu•linux-azure-fde
all | all
- ubuntu•linux-azure-fde-5.19
all
- ubuntu•linux-azure-fde-6.2
all
- ubuntu•linux-azure-fips
< 4.15.0-2071.77 | all | < 5.4.0-1104.110+fips1
- ubuntu•linux-bluefield
< 5.15.0-1015.17 | < 5.4.0-1059.65 | < 5.15.0-1015.17 | all
- ubuntu•linux-fips
< 4.15.0-1108.119 | all | < 5.4.0-1073.82
- ubuntu•linux-gcp
< 4.15.0-1147.163~16.04.1 | all | < 5.4.0-1101.110 | < 5.15.0-1031.38
- ubuntu•linux-gcp-4.15
< 4.15.0-1147.163
- ubuntu•linux-gcp-5.11
all
- ubuntu•linux-gcp-5.13
all
- ubuntu•linux-gcp-5.15
< 5.15.0-1031.38~20.04.1
- ubuntu•linux-gcp-5.19
all
- ubuntu•linux-gcp-5.3
all
- ubuntu•linux-gcp-5.4
< 5.4.0-1101.110~18.04.1
- ubuntu•linux-gcp-5.8
all
- ubuntu•linux-gcp-6.11
all
- ubuntu•linux-gcp-6.2
all
- ubuntu•linux-gcp-6.5
all
- ubuntu•linux-gcp-fips
< 4.15.0-2055.60 | all | < 5.4.0-1101.110+fips1
- ubuntu•linux-gke
all | < 5.15.0-1030.35
- ubuntu•linux-gke-4.15
all
- ubuntu•linux-gke-5.15
all
Showing first 50 affected entries in server-rendered view.
References (10)
- https://ubuntu.com/security/CVE-2022-50618
- https://www.cve.org/CVERecord?id=CVE-2022-50618
- https://git.kernel.org/linus/90935f16f2650ab7416fa2ffbe5c28cb39cf3f1e
- https://git.kernel.org/stable/c/42343e3c6195e934b9cb4c08b7ff84a3778d77f9
- https://git.kernel.org/stable/c/64b2c441171febf075bd9632aca579afda8ab9fb
- https://git.kernel.org/stable/c/90935f16f2650ab7416fa2ffbe5c28cb39cf3f1e
- https://git.kernel.org/stable/c/9e11c6bb745be4e9b325cf96031b4ea34801342d
- https://git.kernel.org/stable/c/e0cfe7aa41f3965f5224affd88afd48c60f6ad1f
- https://git.kernel.org/stable/c/f5506e0bbb25102bd8ef2e1a3b483a0b934e454e
- https://git.kernel.org/stable/c/f5ce76aeddf01ca8f2a80fc37119388d59db7c10