github - ghsa-f722-q47q-2685

ghsa-f722-q47q-2685

Vulnerability from github

Published

2025-12-30 15:30

Modified

2025-12-30 15:30

Details

In the Linux kernel, the following vulnerability has been resolved:

mmc: sunplus: fix return value check of mmc_add_host()

mmc_add_host() may return error, if we ignore its return value, 1. the memory allocated in mmc_alloc_host() will be leaked 2. null-ptr-deref will happen when calling mmc_remove_host() in remove function spmmc_drv_remove() because deleting not added device.

Fix this by checking the return value of mmc_add_host(). Moreover, I fixed the error handling path of spmmc_drv_probe() to clean up.

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-54204"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-30T13:16:08Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sunplus: fix return value check of mmc_add_host()\n\nmmc_add_host() may return error, if we ignore its return value,\n1. the memory allocated in mmc_alloc_host() will be leaked\n2. null-ptr-deref will happen when calling mmc_remove_host()\nin remove function spmmc_drv_remove() because deleting not\nadded device.\n\nFix this by checking the return value of mmc_add_host(). Moreover,\nI fixed the error handling path of spmmc_drv_probe() to clean up.",
  "id": "GHSA-f722-q47q-2685",
  "modified": "2025-12-30T15:30:31Z",
  "published": "2025-12-30T15:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-54204"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/741a951f41929f39cae70c66d86d0754d3129d0a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/dce6d8f985fa1ef5c2af47f4f86ea65511b78656"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2023-54204 (GCVE-0-2023-54204)

Vulnerability from cvelistv5

Published

2025-12-30 12:11

Modified

2025-12-30 12:11

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: mmc: sunplus: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, 1. the memory allocated in mmc_alloc_host() will be leaked 2. null-ptr-deref will happen when calling mmc_remove_host() in remove function spmmc_drv_remove() because deleting not added device. Fix this by checking the return value of mmc_add_host(). Moreover, I fixed the error handling path of spmmc_drv_probe() to clean up.

References

URL

Tags

	https://git.kernel.org/stable/c/741a951f41929f39cae70c66d86d0754d3129d0a
	https://git.kernel.org/stable/c/dce6d8f985fa1ef5c2af47f4f86ea65511b78656

Impacted products

Vendor

Product

Version

Version: 4e268fed8b1861616af28f9cfb4eed8ca5d7af6c
Version: 4e268fed8b1861616af28f9cfb4eed8ca5d7af6c

Version: 6.2

Show details on NVD website

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/mmc/host/sunplus-mmc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "741a951f41929f39cae70c66d86d0754d3129d0a",
              "status": "affected",
              "version": "4e268fed8b1861616af28f9cfb4eed8ca5d7af6c",
              "versionType": "git"
            },
            {
              "lessThan": "dce6d8f985fa1ef5c2af47f4f86ea65511b78656",
              "status": "affected",
              "version": "4e268fed8b1861616af28f9cfb4eed8ca5d7af6c",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/mmc/host/sunplus-mmc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "lessThan": "6.2",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.*",
              "status": "unaffected",
              "version": "6.4.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.5",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.12",
                  "versionStartIncluding": "6.2",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5",
                  "versionStartIncluding": "6.2",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sunplus: fix return value check of mmc_add_host()\n\nmmc_add_host() may return error, if we ignore its return value,\n1. the memory allocated in mmc_alloc_host() will be leaked\n2. null-ptr-deref will happen when calling mmc_remove_host()\nin remove function spmmc_drv_remove() because deleting not\nadded device.\n\nFix this by checking the return value of mmc_add_host(). Moreover,\nI fixed the error handling path of spmmc_drv_probe() to clean up."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:11:04.622Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/741a951f41929f39cae70c66d86d0754d3129d0a"
        },
        {
          "url": "https://git.kernel.org/stable/c/dce6d8f985fa1ef5c2af47f4f86ea65511b78656"
        }
      ],
      "title": "mmc: sunplus: fix return value check of mmc_add_host()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54204",
    "datePublished": "2025-12-30T12:11:04.622Z",
    "dateReserved": "2025-12-30T12:06:44.499Z",
    "dateUpdated": "2025-12-30T12:11:04.622Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.