CVE-2022-50640
Awaiting Analysis Awaiting Analysis - Queue
BaseFortify

Publication date: 2025-12-09

Last updated on: 2025-12-09

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: mmc: core: Fix kernel panic when remove non-standard SDIO card SDIO tuple is only allocated for standard SDIO card, especially it causes memory corruption issues when the non-standard SDIO card has removed, which is because the card device's reference counter does not increase for it at sdio_init_func(), but all SDIO card device reference counter gets decreased at sdio_release_func().
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-09
Last Modified
2025-12-09
Generated
2026-05-07
AI Q&A
2025-12-09
EPSS Evaluated
2026-05-05
NVD
CVE-2022-50640
EUVD
EUVD-2022-55716
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability occurs in the Linux kernel's MMC core when a non-standard SDIO card is removed. The issue arises because the SDIO tuple is only allocated for standard SDIO cards, and the reference counter for the non-standard SDIO card device is not increased during initialization. However, the reference counter is decreased upon removal, leading to memory corruption and potentially causing a kernel panic.


How can this vulnerability impact me? :

This vulnerability can cause the Linux kernel to panic when a non-standard SDIO card is removed, which may lead to system crashes or instability. This can disrupt normal operations and potentially cause data loss or downtime.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart