CVE-2022-50858
Published Dec 30, 2025
Modified Apr 15, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: mmc: alcor: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deleting not added device in the remove path. So fix this by checking the return value and calling mmc_free_host() in the error path.
Is your site exposed to CVE-2022-50858?
Run a free security scan — no signup, results in seconds.
References
Other References
https://git.kernel.org/stable/c/289c964fe182ce755044a6cd57698072e12ffa6f
https://git.kernel.org/stable/c/29c5b4da41f35108136d843c7432885c78cf8272
https://git.kernel.org/stable/c/48dc06333d75f41c2ce9ba954bc3231324b45914
https://git.kernel.org/stable/c/4a6e5d0222804a3eaf2ea4cf893f412e7cf98cb2
https://git.kernel.org/stable/c/60fafcf2fb7ee9a4125dc9a86eeb9d490acf23e2
https://git.kernel.org/stable/c/e93d1468f429475a753d6baa79b853b7ee5ef8c0
Frequently Asked Questions
What is CVE-2022-50858? +
In the Linux kernel, the following vulnerability has been resolved:
mmc: alcor: fix return value check of mmc_add_host()
mmc_add_host() may return error, if we ignore its return value, the memory
that allocated in mmc_alloc_host() will be leaked and it will lead a kernel
crash because of deleting not added device in the remove path.
So fix this by checking the return value and calling mmc_free_host() in the
error path.
How do I check if I'm vulnerable to CVE-2022-50858? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.