CVE-2022-50340
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-16

Last updated on: 2025-12-01

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: media: vimc: Fix wrong function called when vimc_init() fails In vimc_init(), when platform_driver_register(&vimc_pdrv) fails, platform_driver_unregister(&vimc_pdrv) is wrongly called rather than platform_device_unregister(&vimc_pdev), which causes kernel warning: Unexpected driver unregister! WARNING: CPU: 1 PID: 14517 at drivers/base/driver.c:270 driver_unregister+0x8f/0xb0 RIP: 0010:driver_unregister+0x8f/0xb0 Call Trace: <TASK> vimc_init+0x7d/0x1000 [vimc] do_one_initcall+0xd0/0x4e0 do_init_module+0x1cf/0x6b0 load_module+0x65c2/0x7820
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-16
Last Modified
2025-12-01
Generated
2026-06-16
AI Q&A
2025-09-16
EPSS Evaluated
2026-06-14
NVD
CVE-2022-50340
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 4.13 (inc) to 5.10.163 (exc)
linux linux_kernel From 5.11 (inc) to 5.15.86 (exc)
linux linux_kernel From 5.16 (inc) to 6.0.16 (exc)
linux linux_kernel From 6.1 (inc) to 6.1.2 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-617 The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a bug in the Linux kernel's vimc driver initialization function (vimc_init). When the function platform_driver_register(&vimc_pdrv) fails, the code incorrectly calls platform_driver_unregister(&vimc_pdrv) instead of platform_device_unregister(&vimc_pdev). This mistake causes a kernel warning about an unexpected driver unregister event.

Impact Analysis

The impact of this vulnerability is that it causes a kernel warning due to improper handling of driver registration failure. This may lead to instability or unexpected behavior during the initialization of the vimc driver, but no direct security impact or exploitation details are provided.

Detection Guidance

You can detect this vulnerability by checking for the kernel warning message related to the vimc driver. Look for logs containing 'Unexpected driver unregister!' and 'WARNING: CPU' messages in your system logs (e.g., using dmesg or journalctl). For example, run: dmesg | grep -i 'Unexpected driver unregister' or journalctl -k | grep -i 'Unexpected driver unregister'.

Mitigation Strategies

Immediate mitigation involves updating the Linux kernel to a version where the vimc driver initialization issue is fixed, as the vulnerability is resolved by correcting the function call in vimc_init(). Until then, monitoring for the warning messages and avoiding loading the vimc driver module may reduce exposure.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50340. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart