CVE-2022-50347 in Linux
Summary
by MITRE • 09/16/2025
In the Linux kernel, the following vulnerability has been resolved:
mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host()
mmc_add_host() may return an error. If we ignore its return value, the memory allocated in mmc_alloc_host() will be leaked, and it will lead to a kernel crash because of deleting a not-added device in the remove path.
So fix this by checking the return value and calling mmc_free_host() in the error path. Besides, led_classdev_unregister() and pm_runtime_disable() also need to be called.
Analysis
by VulDB Data Team • 02/23/2026
The vulnerability identified as CVE-2022-50347 represents a critical memory management flaw within the Linux kernel's multimedia card subsystem, specifically affecting the rtsx_usb_sdmmc driver component. This issue resides in the mmc subsystem which governs storage device communications and is fundamental to system stability and security. The flaw manifests when mmc_add_host() returns an error code that the calling code does not check, creating a scenario where allocated memory resources are not properly released, leading to potential system crashes and resource exhaustion.
The technical root cause stems from inadequate error handling in the device initialization sequence where the return value of mmc_add_host() is not properly validated. When this function encounters an error condition, it returns a negative error code indicating failure, but the calling code fails to check this return value. This oversight results in memory allocated through mmc_alloc_host() being leaked, as the system proceeds with operations that assume successful device registration. The vulnerability is particularly dangerous because it creates a state where device structures are partially initialized, causing the kernel to attempt operations on non-existent or improperly registered devices during cleanup phases.
The operational impact of this vulnerability extends beyond simple memory leaks to encompass potential system instability and crash conditions. When the device removal path executes, it attempts to delete structures that were never properly added to the system's device registry, causing kernel oops or panic conditions. This behavior aligns with CWE-459, which describes incomplete cleanup issues in software systems. The vulnerability creates a condition where kernel memory management becomes corrupted, potentially allowing for denial of service attacks that could compromise system availability. Attackers could exploit this by repeatedly triggering device initialization failures, leading to progressive memory exhaustion and system instability.
Mitigation strategies for CVE-2022-50347 require immediate implementation of proper error handling throughout the device initialization and cleanup pathways. The fix involves implementing comprehensive return value checking for mmc_add_host() calls and ensuring that mmc_free_host() is invoked in error handling paths to prevent memory leaks. Additionally, the solution requires proper cleanup of associated resources including led_classdev_unregister() and pm_runtime_disable() calls that must be executed regardless of initialization success or failure. This remediation approach aligns with ATT&CK technique T1499.004, which covers system network configuration modification, as it addresses fundamental system stability mechanisms. System administrators should prioritize patching affected kernel versions and implementing monitoring for unusual memory allocation patterns or kernel crash reports. The fix demonstrates proper defensive programming practices and resource management, ensuring that all allocated resources are properly released regardless of execution flow outcomes, thereby maintaining system integrity and preventing potential escalation to more severe security implications.
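The control flow of the fix described above, as an added example that is not the driver's source or the upstream patch. It is a userspace C model: the functions that share kernel names are simplified stand-ins with simplified signatures, and setup_host(), fail_add, live_hosts and the -EINVAL result of the remove model are assumptions made only for this illustration.

```c
/* Userspace model, not kernel code: simplified stand-ins for the helpers. */
#include <errno.h>
#include <stdbool.h>
#include <stdlib.h>

struct host { bool added, led, pm; };
static int live_hosts;  /* hosts allocated and not yet freed */
static bool fail_add;   /* constructed fault injection for mmc_add_host() */

/* Hypothetical helper: stands for mmc_alloc_host() plus LED and runtime PM setup. */
static struct host *setup_host(void)
{
    struct host *h = calloc(1, sizeof(*h));
    if (h) { h->led = h->pm = true; live_hosts++; }
    return h;
}
static void mmc_free_host(struct host *h) { live_hosts--; free(h); }
static int mmc_add_host(struct host *h)
{
    h->added = !fail_add;
    return fail_add ? -ENOMEM : 0;
}
/* Remove-path model: -EINVAL stands for deleting a device never added. */
static int mmc_remove_host(struct host *h) { return h->added ? 0 : -EINVAL; }
static void led_classdev_unregister(struct host *h) { h->led = false; }
static void pm_runtime_disable(struct host *h) { h->pm = false; }

/* Before: result ignored, probe reports success for a host never added. */
static int probe_unchecked(struct host **out)
{
    if (!(*out = setup_host())) return -ENOMEM;
    mmc_add_host(*out);
    return 0;
}

/* After: check the result and unwind everything set up so far. */
static int probe_checked(struct host **out)
{
    int ret;
    if (!(*out = setup_host())) return -ENOMEM;
    ret = mmc_add_host(*out);
    if (!ret) return 0;
    led_classdev_unregister(*out);
    pm_runtime_disable(*out);
    mmc_free_host(*out);
    *out = NULL;
    return ret;
}
/* Exit status 0: the checked probe failed cleanly and nothing stays allocated. */
int main(void) { struct host *h; fail_add = true; return probe_checked(&h) != -ENOMEM || live_hosts; }
```

With fail_add set, probe_unchecked() hands back a host that the remove model then rejects, while probe_checked() returns the error and leaves live_hosts at zero.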