15 matches found
SUSE CVE-2026-31651
In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix NULL-deref on disconnect Make sure to deregister the controller before dropping the reference to the driver data on disconnect to avoid NULL-pointer dereferences or use-after-free...
CVE-2026-31651
A flaw was found in the Linux kernel's mmc: vub300 driver. This vulnerability allows a local attacker to trigger a NULL-pointer dereference or use-after-free condition during device disconnection. Successful exploitation could lead to a system crash, resulting in a denial of service...
CVE-2026-31650
In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix use-after-free on disconnect The vub300 driver maintains an explicit reference count for the controller and its driver data and the last reference can in theory be dropped after the driver has been unbound. This...
EUVD-2026-25544
In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix NULL-deref on disconnect Make sure to deregister the controller before dropping the reference to the driver data on disconnect to avoid NULL-pointer dereferences or use-after-free...
CVE-2026-31650 mmc: vub300: fix use-after-free on disconnect
In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix use-after-free on disconnect The vub300 driver maintains an explicit reference count for the controller and its driver data and the last reference can in theory be dropped after the driver has been unbound. This...
PT-2026-35003
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL-pointer dereference or use-after-free issue exists in the mmc: vub300 component. This occurs during disconnect if the controller is not deregistered before the reference to the...
SUSE CVE-2022-50430
In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix warning - do not call blocking ops when !TASKRUNNING vub300enablesdioirq works with mutex and need TASKRUNNING here. Ensure that we mark current as TASKRUNNING for sleepable context. 77.554641 do not call blockin...
UBUNTU-CVE-2022-50430
In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix warning - do not call blocking ops when !TASKRUNNING vub300enablesdioirq works with mutex and need TASKRUNNING here. Ensure that we mark current as TASKRUNNING for sleepable context. 77.554641 do not call blockin...
CVE-2022-50430
CVE-2022-50430 affects the Linux kernel mmc vub300 driver. The fix prevents calling blocking operations when the current task is not TASK_RUNNING by ensuring vub300_enable_sdio_irq() uses proper mutex usage and marks the current task as TASK_RUNNING in a sleepable context. This reduces a potentia...
CVE-2022-50430 mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING
In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix warning - do not call blocking ops when !TASKRUNNING vub300enablesdioirq works with mutex and need TASKRUNNING here. Ensure that we mark current as TASKRUNNING for sleepable context. 77.554641 do not call blockin...
PT-2025-40115
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-rc5 Description The Linux kernel contained an issue within the vub300 driver related to handling interrupts in sleepable contexts. Specifically, the vub300 enable sdio irq function did not properly ensure...
SUSE CVE-2022-50251
In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, the memory that allocated in mmcallochost will be leaked and it will lead a kernel crash because of deleting not added...
CVE-2022-50251
In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, the memory that allocated in mmcallochost will be leaked and it will lead a kernel crash because of deleting not added...
PT-2025-37505
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The mmc add host function may return an error, and ignoring this return value can lead to a memory leak. This memory leak occurs because memory allocated in mmc alloc host is not freed...
kernel: Linux kernel: Denial of Service due to memory leak in mmc: vub300 module
A flaw was found in the Linux kernel's mmc: vub300 module. An incorrect return value check for mmcaddhost and a missing call to mmcfreehost when usbcontrolmsg fails can lead to memory leaks. A local attacker could exploit this vulnerability, causing the kernel to crash and resulting in a Denial o...