CVE-2022-49228

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the version that includes the fix for the btf decl tag bug

Description A bug in the Linux kernel's btf decl tag functionality has been identified, which can cause a general protection fault due to a null pointer dereference. The issue occurs when a function type is tagged with a decl tag, and the kernel attempts to access the func proto type, resulting in a KASAN error. The bug is triggered by an illegal BTF with a func type that has a func proto type out of range. The estimated number of potentially affected devices is not specified.

Recommendations To resolve the issue, update the Linux kernel to a version that includes the fix for the btf decl tag bug. As a temporary workaround, consider disabling the btf functionality until a patch is available. Restrict access to the btf module to minimize the risk of exploitation. Avoid using the btf decl tag resolve function in the affected API endpoint until the issue is resolved. Apply the patch that implements the 'resolve' callback function for func types properly, which will also be called in btf check all types for func types.