LiveActive security incident?Get immediate response
CVE Record

CVE-2022-50322: rtc: msc313: Fix function prototype mismatch in msc313_rtc_probe()

In the Linux kernel, the following vulnerability has been resolved: rtc: msc313: Fix function prototype mismatch in msc313_rtc_probe() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid to help mitigate ROP attacks. If they are not identical, there is a failure at run time, which manifests as either a kernel panic or thread getting killed. msc313_rtc_probe() was passing clk_disable_unprepare() directly, which did not have matching prototypes for devm_add_action_or_reset()'s callback argument. Refactor to use devm_clk_get_enabled() instead. This was found as a result of Clang's new -Wcast-function-type-strict flag, which is more sensitive than the simpler -Wcast-function-type, which only checks for type width mismatches.

UnknownCVSS not scoredNot KEV-listedUpdated
Glexia's TakeAutomated analysismoderate

Security readout for executives and security teams

Plain-English summary

This Linux kernel issue is a driver bug that can cause a kernel panic or kill a thread when Clang kernel CFI is enabled. It affects a specific RTC driver path, not a broad remote attack surface. Business urgency is mainly availability risk for systems using this driver and configuration.

Executive priority

Treat as a targeted Linux availability fix, not an emergency internet-wide issue. Patch through normal kernel maintenance, with higher priority for embedded or appliance systems that use this RTC driver and Clang kCFI.

Technical view

msc313_rtc_probe() used clk_disable_unprepare() as a devm_add_action_or_reset() callback despite a function prototype mismatch. With CONFIG_CFI_CLANG, indirect call validation can reject the target at runtime, causing panic or thread termination. The kernel fix refactors the code to use devm_clk_get_enabled().

Likely exposure

Likely limited to Linux systems using the msc313 RTC driver with Clang kCFI enabled. The source lists Linux kernel versions as affected but provides no CVSS, CPEs, or distribution-specific advisories.

Exploitation context

No cited source states active exploitation, and CISA KEV status is false. The described failure is runtime CFI enforcement during driver operation, presenting as availability impact rather than documented privilege escalation or remote compromise.

Researcher notes

Evidence is limited to the CVE record and Linux stable commit references. No CVSS, CWE, exploit report, or distro-specific impact statement is provided. Version data in the source is sparse, so validate against actual kernel trees and vendor packages.

Mitigation direction

  • Review kernel vendor guidance for CVE-2022-50322 applicability and fixed packages.
  • Update to a kernel containing the referenced stable fixes where applicable.
  • Prioritize systems using the msc313 RTC driver with CONFIG_CFI_CLANG enabled.
  • If updates are unavailable, consult vendor support for supported workarounds.

Validation and detection

  • Check running kernel version against vendor advisories and stable commit inclusion.
  • Confirm whether CONFIG_CFI_CLANG is enabled in the kernel build.
  • Identify whether the msc313 RTC driver is built, loaded, or used.
  • Review boot and kernel logs for CFI failures, panics, or probe errors.
Prepared
Confidence
medium
Sources
5

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

cve · low confidence lookup

CVE-2022-50322 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Unknown
CVSS
Not scored
Known Exploited
No
Published
Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

0CVSS vectors
3Timeline events
0ADP providers
4Source links

Vulnerability timeline

Timeline events are normalized from CVE metadata, CNA source timelines, ADP timelines, and KEV metadata when present.

  1. CVE reservedCVE Program

    The CVE ID was reserved by the assigning CNA.

  2. CVE publishedCVE Program

    The CVE record was published.

  3. CVE updatedCVE Program

    The CVE record metadata indicates this as the latest update time.

Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
LinuxLinuxbe7d9c9161b9c76edeff15e79edc2f256568fe05, be7d9c9161b9c76edeff15e79edc2f256568fe05, be7d9c9161b9c76edeff15e79edc2f256568fe05unaffected
LinuxLinux5.16, 0, 6.0.17, 6.1.3, 6.2affected
Weakness

CWE details

No CWE listed

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.