Linux Kernel Cros Usbpd Notify Driver Error Handling Vulnerability

A vulnerability exists in the Linux kernel's cros_usbpd_notify driver due to improper error handling in the initialization function. The issue arises because the driver does not verify whether the registration process was successful. As a result, the driver can be loaded even if an error occurs during registration, leading to a warning message about an unexpected driver unregistration when the module is removed. This vulnerability affects Linux kernel versions through 6.1.0-rc3.

Impact

The vulnerability can cause a denial-of-service condition by leading to unexpected driver unregistration warnings, which may disrupt normal module management processes.

Reproduction

To reproduce this vulnerability, load the cros_usbpd_notify driver module. Then, remove the module using the rmmod command. This process will trigger a warning about an unexpected driver unregistration, indicating that the module did not handle its initialization and registration properly.

Remediation

The vulnerability has been addressed in upstream Linux kernel commits. Users can apply the latest patches available in the Linux kernel stable tree to mitigate this issue.