CVE-2022-49151: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-49151 affects the Linux kernel's mcbausb driver, specifically related to improper endpoint type checking. The vulnerability was discovered when Syzbot reported a warning in usbsubmit_urb() caused by incorrect endpoint type handling (Kernel Git).

The vulnerability exists in the mcbausb driver where endpoint types were not properly checked before USB operations. The issue manifests when the driver attempts to use incorrect endpoint types, triggering a warning in usbsubmiturb() with the message 'BOGUS urb xfer, pipe 3 != type 1'. The bug occurs during the USB device probing process, specifically in the mcbausb_probe function (Kernel Git).

When triggered, the vulnerability can cause kernel warnings and potential system instability. The issue affects systems using the Microchip CAN BUS Analyzer with the mcba_usb driver (Kernel Git).

The issue has been fixed by implementing proper endpoint type checking in the mcbausb driver. The fix involves saving found pipes to struct mcbapriv and using them directly instead of making pipes in place. The patch also adds proper error handling for endpoint detection (Kernel Git).