CVE-2022-49789

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A double free vulnerability has been resolved in the Linux kernel. The issue occurs in the zfcp fsf req send() function, where the wrong type of integer is used to cache the FSF request ID. This can lead to a mismatch between the original ID and the cached ID, resulting in a double free. The vulnerability can cause memory corruption and crashes. The problem arises when the ID grows past 32 bits or when the 32nd bit is set in the original ID. The compiler's use of a sign-extending instruction to load the 32-bit variable into a 64-bit register can also cause the leading zeros to be flipped to ones, resulting in a mismatch.

Recommendations To resolve the issue, update the Linux kernel to a version that includes the fix for the double free vulnerability. As a temporary workaround, consider disabling the zfcp fsf req send() function until a patch is available. Restrict access to the vulnerable zfcp module to minimize the risk of exploitation. Avoid using the zfcp qdio send() function until the issue is resolved.