CVE-2022-50361 — Vulnetix

CVE-2022-50361 PUBLISHED CVSS 5.5 MEDIUM

Reported by Linux · Published September 17, 2025

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: add missing unregister_netdev() in wilc_netdev_ifc_init() Fault injection test reports this issue: kernel BUG at net/core/dev.c:10731! invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI Call Trace: <TASK> wilc_netdev_ifc_init+0x19f/0x220 [wilc1000 884bf126e9e98af6a708f266a8dffd53f99e4bf5] wilc_cfg80211_init+0x30c/0x380 [wilc1000 884bf126e9e98af6a708f266a8dffd53f99e4bf5] wilc_bus_probe+0xad/0x2b0 [wilc1000_spi 1520a7539b6589cc6cde2ae826a523a33f8bacff] spi_probe+0xe4/0x140 really_probe+0x17e/0x3f0 __driver_probe_device+0xe3/0x170 driver_probe_device+0x49/0x120 The root case here is alloc_ordered_workqueue() fails, but cfg80211_unregister_netdevice() or unregister_netdev() not be called in error handling path. To fix add unregister_netdev goto lable to add the unregister operation in error handling path.

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Linux	Linux	09ed8bfc5215ad5aac91c50008277b5586b9ef24, 09ed8bfc5215ad5aac91c50008277b5586b9ef24, 09ed8bfc5215ad5aac91c50008277b5586b9ef24
Linux	Linux	5.17, 0, 6.1.16
linux	linux_kernel	5.17, 5.17, 5.17
Linux	Linux	5.17, 0, 09ed8bfc5215ad5aac91c50008277b5586b9ef24

Timeline

Sep 17, 2025 CVE Published
Sep 18, 2025 EPSS Score
Sep 24, 2025 EPSS Score
Oct 1, 2025 EPSS Score
Oct 7, 2025 EPSS Score
Oct 14, 2025 EPSS Score
Oct 20, 2025 EPSS Score
Oct 27, 2025 EPSS Score
Nov 2, 2025 EPSS Score
Nov 9, 2025 EPSS Score
Nov 15, 2025 EPSS Score
Nov 22, 2025 EPSS Score

References

Open in Interactive Console →