CVE-2022-50468

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-rc3

Description The Linux kernel contains a flaw in the cros usbpd notify module where the cros usbpd notify init() function does not validate the return value of platform driver register(). This can lead to successful module installation even if registration fails, potentially causing issues during module removal as indicated by an "Unexpected driver unregister!" warning. The issue occurs during the unregistration of the cros usbpd notify driver. The platform driver register() function is responsible for registering a platform driver with the kernel. Failure to check its return value can result in inconsistent driver state.

Recommendations Update to Linux kernel version 6.1.0-rc3 or later to address this issue.

Exploit

Fix

Unchecked Return Value

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-252

Related Identifiers

BDU:2026-06093

CVE-2022-50468

RHSA-2024:9315

RHSA-2024_9315

SUSE-SU-2025:03615-1

SUSE-SU-2025:03628-1

SUSE-SU-2025:3716-1

SUSE-SU-2025:3761-1

Affected Products

Linux Kernel

Red Hat

Suse

CVE-2022-50468

Weakness Enumeration

Related Identifiers

Affected Products

References · 862