CVE-2022-50078

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.19.0-rc5-test+ #309

Description A vulnerability in the Linux kernel has been resolved, related to event probes (eprobes) in the tracing subsystem. The issue occurs when attempting to retrieve the instruction pointer (%rip) using event probes, which do not use pt regs, resulting in a kernel NULL pointer dereference. This can lead to a crash or potentially allow an attacker to exploit the vulnerability. The estimated number of potentially affected devices is not provided.

Recommendations For Linux kernel versions prior to 5.19.0-rc5-test+ #309, update to a newer version that includes the fix for this issue. As a temporary workaround, consider disabling the use of event probes until a patch is available. Restrict access to the tracing subsystem to minimize the risk of exploitation. Avoid using the $stack variable and the % register parsing in event probes until the issue is resolved.