ghsa-3ghw-3m72-v6jr
Vulnerability from github
In the Linux kernel, the following vulnerability has been resolved:
coresight: trbe: remove cpuhp instance node before remove cpuhp state
cpuhp_state_add_instance() and cpuhp_state_remove_instance() should be used in pairs. Or there will lead to the warn on cpuhp_remove_multi_state() since the cpuhp_step list is not empty.
The following is the error log with 'rmmod coresight-trbe': Error: Removing state 215 which has instances left. Call trace: __cpuhp_remove_state_cpuslocked+0x144/0x160 __cpuhp_remove_state+0xac/0x100 arm_trbe_device_remove+0x2c/0x60 [coresight_trbe] platform_remove+0x34/0x70 device_remove+0x54/0x90 device_release_driver_internal+0x1e4/0x250 driver_detach+0x5c/0xb0 bus_remove_driver+0x64/0xc0 driver_unregister+0x3c/0x70 platform_driver_unregister+0x20/0x30 arm_trbe_exit+0x1c/0x658 [coresight_trbe] __arm64_sys_delete_module+0x1ac/0x24c invoke_syscall+0x50/0x120 el0_svc_common.constprop.0+0x58/0x1a0 do_el0_svc+0x38/0xd0 el0_svc+0x2c/0xc0 el0t_64_sync_handler+0x1ac/0x1b0 el0t_64_sync+0x19c/0x1a0 ---[ end trace 0000000000000000 ]---
{
"affected": [],
"aliases": [
"CVE-2022-50319"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-15T15:15:43Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ncoresight: trbe: remove cpuhp instance node before remove cpuhp state\n\ncpuhp_state_add_instance() and cpuhp_state_remove_instance() should\nbe used in pairs. Or there will lead to the warn on\ncpuhp_remove_multi_state() since the cpuhp_step list is not empty.\n\nThe following is the error log with \u0027rmmod coresight-trbe\u0027:\nError: Removing state 215 which has instances left.\nCall trace:\n __cpuhp_remove_state_cpuslocked+0x144/0x160\n __cpuhp_remove_state+0xac/0x100\n arm_trbe_device_remove+0x2c/0x60 [coresight_trbe]\n platform_remove+0x34/0x70\n device_remove+0x54/0x90\n device_release_driver_internal+0x1e4/0x250\n driver_detach+0x5c/0xb0\n bus_remove_driver+0x64/0xc0\n driver_unregister+0x3c/0x70\n platform_driver_unregister+0x20/0x30\n arm_trbe_exit+0x1c/0x658 [coresight_trbe]\n __arm64_sys_delete_module+0x1ac/0x24c\n invoke_syscall+0x50/0x120\n el0_svc_common.constprop.0+0x58/0x1a0\n do_el0_svc+0x38/0xd0\n el0_svc+0x2c/0xc0\n el0t_64_sync_handler+0x1ac/0x1b0\n el0t_64_sync+0x19c/0x1a0\n ---[ end trace 0000000000000000 ]---",
"id": "GHSA-3ghw-3m72-v6jr",
"modified": "2025-09-15T15:31:27Z",
"published": "2025-09-15T15:31:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50319"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/18b9202188a4e59923834c60b5c82ea1da7d1811"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/20ee8c223f792947378196307d8e707c9cdc2d61"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2ea334960afcd49385840c7afd59fc5f8d3ce682"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3c18888bc0b51835c74123b1e04d5df11543724c"
}
],
"schema_version": "1.4.0",
"severity": []
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.