CVE-2022-48944

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.15.26/5.16.12

Description The issue is related to a race condition in the sched fork() function, which can be exploited to gain elevated privileges on vulnerable systems. This occurs because a task is not placed on the runqueue before it gets exposed through the pidhash, allowing for a race vs syscalls. The commits 4ef0c5c6b5ba and 13765de8148f are related to fixing this issue, with the latter trying to fix a single instance of the problem but instead fixing the whole class of issues.

Recommendations To resolve the issue, upgrade the affected Linux kernel versions to 5.15.26/5.16.12 or later. As a temporary workaround, consider restricting access to the vulnerable sched fork() function until a patch is available.