CVE-2022-50319: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-50319 affects the Linux kernel, specifically related to the coresight trbe module. The vulnerability was discovered and disclosed around September 2025, involving an issue where cpuhp_state_add_instance() and cpuhp_state_remove_instance() functions are not properly paired, leading to a warning on cpuhp_remove_multi_state() due to a non-empty cpuhp_step list (NVD).

The vulnerability manifests when removing the coresight-trbe module using 'rmmod coresight-trbe'. The issue occurs because the cpuhp instance node is not properly removed before removing the cpuhp state, resulting in an error state where instances are left behind. This triggers a warning message indicating 'Removing state 215 which has instances left' along with a detailed call trace (NVD).

The vulnerability affects various Linux kernel packages across different distributions. In Ubuntu, it impacts several kernel versions, particularly version 22.04 LTS (jammy) and related kernel variants including linux-kvm, linux-aws, linux-azure, and linux-gcp (Ubuntu).

The issue has been fixed in multiple Ubuntu kernel packages. Specifically, version 5.15.0-69.76 for Ubuntu 22.04 LTS (jammy), version 5.15.0-1030.35 for linux-kvm, version 5.15.0-1033.37 for linux-aws, version 5.15.0-1035.42 for linux-azure, and version 5.15.0-1031.38 for linux-gcp (Ubuntu).