CVE-2022-50319
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-15

Last updated on: 2025-12-04

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: coresight: trbe: remove cpuhp instance node before remove cpuhp state cpuhp_state_add_instance() and cpuhp_state_remove_instance() should be used in pairs. Or there will lead to the warn on cpuhp_remove_multi_state() since the cpuhp_step list is not empty. The following is the error log with 'rmmod coresight-trbe': Error: Removing state 215 which has instances left. Call trace: __cpuhp_remove_state_cpuslocked+0x144/0x160 __cpuhp_remove_state+0xac/0x100 arm_trbe_device_remove+0x2c/0x60 [coresight_trbe] platform_remove+0x34/0x70 device_remove+0x54/0x90 device_release_driver_internal+0x1e4/0x250 driver_detach+0x5c/0xb0 bus_remove_driver+0x64/0xc0 driver_unregister+0x3c/0x70 platform_driver_unregister+0x20/0x30 arm_trbe_exit+0x1c/0x658 [coresight_trbe] __arm64_sys_delete_module+0x1ac/0x24c invoke_syscall+0x50/0x120 el0_svc_common.constprop.0+0x58/0x1a0 do_el0_svc+0x38/0xd0 el0_svc+0x2c/0xc0 el0t_64_sync_handler+0x1ac/0x1b0 el0t_64_sync+0x19c/0x1a0 ---[ end trace 0000000000000000 ]---
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-15
Last Modified
2025-12-04
Generated
2026-06-16
AI Q&A
2025-09-15
EPSS Evaluated
2026-06-14
NVD
CVE-2022-50319
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 5.13 (inc) to 5.15.86 (exc)
linux linux_kernel From 5.16 (inc) to 6.0.16 (exc)
linux linux_kernel From 6.1 (inc) to 6.1.2 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-NVD-CWE-noinfo
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in the Linux kernel relates to improper handling of CPU hotplug (cpuhp) state instances in the coresight-trbe driver. Specifically, the functions cpuhp_state_add_instance() and cpuhp_state_remove_instance() must be used in pairs. Failure to do so leads to warnings and errors when removing the coresight-trbe module, as the cpuhp_step list is not empty, causing an error during module removal.

Impact Analysis

The impact of this vulnerability is that attempting to remove the coresight-trbe module from the Linux kernel can result in errors and warnings due to improper cleanup of CPU hotplug state instances. This could potentially lead to instability or resource leaks in the kernel module management process.

Detection Guidance

This vulnerability can be detected by observing error logs related to the removal of the coresight-trbe module. Specifically, look for warnings or errors such as 'Removing state 215 which has instances left' during the execution of 'rmmod coresight-trbe'. Monitoring kernel logs (e.g., using 'dmesg' or 'journalctl -k') for such messages can help identify the issue.

Mitigation Strategies

To mitigate this vulnerability, ensure that cpuhp_state_add_instance() and cpuhp_state_remove_instance() are used in pairs when managing cpuhp instances. Avoid removing the cpuhp instance node before removing the cpuhp state to prevent warnings and errors. Applying the patch or update that fixes the coresight-trbe module to correctly remove cpuhp instances before states is recommended.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50319. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart