{"id":"CVE-2022-49151","summary":"can: mcba_usb: properly check endpoint type","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ncan: mcba_usb: properly check endpoint type\n\nSyzbot reported warning in usb_submit_urb() which is caused by wrong\nendpoint type. We should check that in endpoint is actually present to\nprevent this warning.\n\nFound pipes are now saved to struct mcba_priv and code uses them\ndirectly instead of making pipes in place.\n\nFail log:\n\n| usb 5-1: BOGUS urb xfer, pipe 3 != type 1\n| WARNING: CPU: 1 PID: 49 at drivers/usb/core/urb.c:502 usb_submit_urb+0xed2/0x18a0 drivers/usb/core/urb.c:502\n| Modules linked in:\n| CPU: 1 PID: 49 Comm: kworker/1:2 Not tainted 5.17.0-rc6-syzkaller-00184-g38f80f42147f #0\n| Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014\n| Workqueue: usb_hub_wq hub_event\n| RIP: 0010:usb_submit_urb+0xed2/0x18a0 drivers/usb/core/urb.c:502\n| ...\n| Call Trace:\n|  \u003cTASK\u003e\n|  mcba_usb_start drivers/net/can/usb/mcba_usb.c:662 [inline]\n|  mcba_usb_probe+0x8a3/0xc50 drivers/net/can/usb/mcba_usb.c:858\n|  usb_probe_interface+0x315/0x7f0 drivers/usb/core/driver.c:396\n|  call_driver_probe drivers/base/dd.c:517 [inline]","modified":"2026-04-11T12:43:39.257964Z","published":"2025-02-26T01:55:17.665Z","related":["SUSE-SU-2025:0834-1","SUSE-SU-2025:1027-1","SUSE-SU-2025:1176-1","SUSE-SU-2025:1183-1","SUSE-SU-2025:1194-1","SUSE-SU-2025:1241-1","SUSE-SU-2025:1263-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49151.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/136bed0bfd3bc9c95c88aafff2d22ecb3a919f23"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5598442edc29e8f6f2380e4b471dc1a3fcd80508"},{"type":"WEB","url":"https://git.kernel.org/stable/c/88272b4a37913bdf6f339162a7920bd8e9b49de2"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b48d1bb3f1ca337ad653022aefb5a40a47dfe5cd"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cbd110b8dd7ad763bf413f71c0484116ae9302d4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ef0acc514123140157b19a9ff2e2de5d91d612bc"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f2ec3cd0f34f8c3f94bc21fbba14868301c9c49d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/fa9c1f14002dc0d5293e16a2007bd89b6e79207b"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49151.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49151"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"51f3baad7de943780ce0c17bd7975df567dd6e14"},{"fixed":"5598442edc29e8f6f2380e4b471dc1a3fcd80508"},{"fixed":"b48d1bb3f1ca337ad653022aefb5a40a47dfe5cd"},{"fixed":"cbd110b8dd7ad763bf413f71c0484116ae9302d4"},{"fixed":"ef0acc514123140157b19a9ff2e2de5d91d612bc"},{"fixed":"fa9c1f14002dc0d5293e16a2007bd89b6e79207b"},{"fixed":"88272b4a37913bdf6f339162a7920bd8e9b49de2"},{"fixed":"f2ec3cd0f34f8c3f94bc21fbba14868301c9c49d"},{"fixed":"136bed0bfd3bc9c95c88aafff2d22ecb3a919f23"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49151.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"4.12.0"},{"fixed":"4.14.276"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.15.0"},{"fixed":"4.19.238"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.20.0"},{"fixed":"5.4.189"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.110"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.33"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"5.16.19"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.17.0"},{"fixed":"5.17.2"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49151.json"}}],"schema_version":"1.7.5"}