Linux · Linux Kernel · CVE-2022-48649
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
The issue is related to a use-after-free error in the `kobject del` function, which can be caused by a double free of `kmem cache`. This error occurs when the `slub debug` test is run with the `kfence` 'test memcache typesafe by rcu' kunit test case. The cause of the issue is inside the `kmem cache destroy` function, where the scheduled work can run before the next RCU flag checking, leading to a wrong value and double `kmem cache release`. The fix involves caching the RCU flag inside a protected area.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.