CVE-2022-50340
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-16

Last updated on: 2025-12-01

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: media: vimc: Fix wrong function called when vimc_init() fails In vimc_init(), when platform_driver_register(&vimc_pdrv) fails, platform_driver_unregister(&vimc_pdrv) is wrongly called rather than platform_device_unregister(&vimc_pdev), which causes kernel warning: Unexpected driver unregister! WARNING: CPU: 1 PID: 14517 at drivers/base/driver.c:270 driver_unregister+0x8f/0xb0 RIP: 0010:driver_unregister+0x8f/0xb0 Call Trace: <TASK> vimc_init+0x7d/0x1000 [vimc] do_one_initcall+0xd0/0x4e0 do_init_module+0x1cf/0x6b0 load_module+0x65c2/0x7820
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-16
Last Modified
2025-12-01
Generated
2026-05-27
AI Q&A
2025-09-16
EPSS Evaluated
2026-05-25
NVD
CVE-2022-50340
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 4.13 (inc) to 5.10.163 (exc)
linux linux_kernel From 5.11 (inc) to 5.15.86 (exc)
linux linux_kernel From 5.16 (inc) to 6.0.16 (exc)
linux linux_kernel From 6.1 (inc) to 6.1.2 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-617 The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a bug in the Linux kernel's vimc driver initialization function (vimc_init). When the function platform_driver_register(&vimc_pdrv) fails, the code incorrectly calls platform_driver_unregister(&vimc_pdrv) instead of platform_device_unregister(&vimc_pdev). This mistake causes a kernel warning about an unexpected driver unregister event.


How can this vulnerability impact me? :

The impact of this vulnerability is that it causes a kernel warning due to improper handling of driver registration failure. This may lead to instability or unexpected behavior during the initialization of the vimc driver, but no direct security impact or exploitation details are provided.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

You can detect this vulnerability by checking for the kernel warning message related to the vimc driver. Look for logs containing 'Unexpected driver unregister!' and 'WARNING: CPU' messages in your system logs (e.g., using dmesg or journalctl). For example, run: dmesg | grep -i 'Unexpected driver unregister' or journalctl -k | grep -i 'Unexpected driver unregister'.


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation involves updating the Linux kernel to a version where the vimc driver initialization issue is fixed, as the vulnerability is resolved by correcting the function call in vimc_init(). Until then, monitoring for the warning messages and avoiding loading the vimc driver module may reduce exposure.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart