CVE-2022-49799

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-rc1-00186-g76f33a7eedb4

Description A bug in the Linux kernel's tracing system has been fixed, which caused a wild-memory-access issue in the register synth event() function. If set synth event print fmt() failed, both trace remove event call() and unregister trace event() would be called, resulting in unregister trace event() being called twice and causing the wild-memory-access. The issue was fixed by avoiding the second call to unregister trace event() by checking if the first one was called. A general protection fault occurred, probably due to a non-canonical address.

Recommendations To resolve the issue, update the Linux kernel to a version later than 6.1.0-rc1-00186-g76f33a7eedb4. As a temporary workaround, consider disabling the register synth event() function until a patch is available. Restrict access to the vulnerable unregister trace event() function to minimize the risk of exploitation. Avoid using the set synth event print fmt() function in the affected register synth event() function until the issue is resolved.