CVE-2022-49798

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A race condition in the Linux kernel's tracing system allows eprobes to be called before the event, potentially leading to a NULL kernel pointer bug. This occurs because the flag indicating that the event should call its triggers after reading the event is set for eprobes after they are enabled. As a result, an eprobe may be triggered at the start of an event when the record information is NULL, causing the eprobe to dereference the NULL record.

Recommendations For the Linux kernel, test for a NULL record to prevent this issue from occurring. At the moment, there is no information about a newer version that contains a fix for this vulnerability.