CVE-2022-50267
📋 TL;DR
This CVE-2022-50267 is a Linux kernel memory leak vulnerability in the mmc/rtsx_pci driver where mmc_add_host() return value isn't properly checked. If mmc_add_host() fails, allocated memory isn't freed, leading to resource exhaustion and potential kernel crashes. This affects Linux systems using Realtek PCIe card reader hardware.
💻 Affected Systems
- Linux kernel with rtsx_pci driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic and system crash due to memory exhaustion, potentially causing denial of service and data loss.
Likely Case
System instability or crashes when mmc_add_host() fails during device initialization, requiring reboot.
If Mitigated
Minor performance impact or device initialization failure without system crash.
🎯 Exploit Status
Exploitation requires triggering mmc_add_host() failure, which may occur during device initialization or hardware issues.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Linux kernel stable releases containing commits 0c87db77423a, 30dc645461df, 5cd4e04eccaec, or ffa9b2a79e3e
Vendor Advisory: https://git.kernel.org/stable/c/0c87db77423a282b3b38b8a6daf057b822680516
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version. 2. Reboot system. 3. Verify kernel version and driver functionality.
🔧 Temporary Workarounds
Disable rtsx_pci driver
allPrevent loading of vulnerable driver module
echo 'blacklist rtsx_pci' >> /etc/modprobe.d/blacklist.conf
rmmod rtsx_pci
🧯 If You Can't Patch
- Monitor system logs for mmc/rtsx_pci errors and kernel oops messages
- Consider disabling PCIe card reader functionality if not required
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if rtsx_pci driver is loaded: lsmod | grep rtsx_pciCheck Version:
uname -rVerify Fix Applied:
Verify kernel version is patched and driver loads without errors in dmesg📡 Detection & Monitoring
Log Indicators:
- Kernel oops messages
- mmc_add_host failure logs
- Out of memory errors in dmesg
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("mmc_add_host" OR "rtsx_pci" OR "kernel panic")