References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

In the Linux kernel, the following vulnerability has been resolved:

mmc: meson-gx: fix return value check of mmc_add_host()

mmc_add_host() may return error, if we ignore its return value,
it will lead two issues:
1. The memory that allocated in mmc_alloc_host() is leaked.
2. In the remove() path, mmc_remove_host() will be called to
   delete device, but it's not added yet, it will lead a kernel
   crash because of null-ptr-deref in device_del().

Fix this by checking the return value and goto error path which
will call mmc_free_host().

https://git.kernel.org/stable/c/42343e3c6195e934b9cb4c08b7ff84a3778d77f9

https://git.kernel.org/stable/c/64b2c441171febf075bd9632aca579afda8ab9fb

https://git.kernel.org/stable/c/90935f16f2650ab7416fa2ffbe5c28cb39cf3f1e

https://git.kernel.org/stable/c/9e11c6bb745be4e9b325cf96031b4ea34801342d

https://git.kernel.org/stable/c/e0cfe7aa41f3965f5224affd88afd48c60f6ad1f

https://git.kernel.org/stable/c/f5506e0bbb25102bd8ef2e1a3b483a0b934e454e

https://git.kernel.org/stable/c/f5ce76aeddf01ca8f2a80fc37119388d59db7c10