PT-2025-8491 · Linux+1 · Linux Kernel+1

Pablo Neira Ayuso · Published 2025-02-26 · Updated 2025-02-27 · CVE-2022-49558

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 5.18.0-rc7+

Description

A double hook unregistration issue has been identified in the netfilter nf_tables component. The nft_release_hooks() function is called from the pre netns exit path and unregisters the hooks. The NETDEV_UNREGISTER event is then triggered, which causes the same hooks to be unregistered a second time. The issue is associated with a warning message and a call trace that includes the nf_unregister_net_hook+0x247/0x270 function.

Recommendations

For Linux kernel versions prior to 5.18.0-rc7+, consider updating to a newer version that includes the fix for this issue. As a temporary workaround, it may be possible to mitigate the risk by modifying the netns pre-exit path to avoid the double hook unregistration. However, without further information, the exact steps for this workaround are not clear. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
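
The sequence from the description, as an added user-space model in C (not kernel code and not the upstream patch): two teardown paths walk the same hook list, and the second one trips the "already unregistered" warning. All names are hypothetical, and the `forget` flag is an assumed way of making the first path drop the hook so the later device event finds nothing to unregister.

```c
/* User-space model only; structures and function names are hypothetical. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

struct hook  { int ifindex; bool registered; };     /* state held by the core */
struct chain { struct hook *hooks[4]; size_t n; };  /* chain's own hook list  */
static int warnings; /* times a hook was unregistered while not registered */

/* Stand-in for the core unregister call: warns when the hook is already gone. */
static void core_unregister(struct hook *h)
{
    if (!h->registered) { warnings++; return; }
    h->registered = false;
}

/* Netns pre-exit path: unregister every hook on the chain.
 * With forget=true the hooks are also dropped from the chain's list. */
static void release_hooks(struct chain *c, bool forget)
{
    for (size_t i = 0; i < c->n; i++)
        core_unregister(c->hooks[i]);
    if (forget) c->n = 0;
}

/* Device-unregister event: unregister hooks bound to the departing device. */
static void netdev_event(struct chain *c, int ifindex)
{
    for (size_t i = 0; i < c->n; i++)
        if (c->hooks[i]->ifindex == ifindex)
            core_unregister(c->hooks[i]);
}

/* Runs pre-exit followed by the device event; returns warnings raised. */
int simulate_netns_exit(bool forget)
{
    struct hook h = { .ifindex = 2, .registered = true };  /* constructed sample */
    struct chain c = { .hooks = { &h }, .n = 1 };
    warnings = 0;
    release_hooks(&c, forget);
    netdev_event(&c, 2);
    return warnings;
}

int main(void)
{
    printf("hook left on list:  %d warning(s)\n", simulate_netns_exit(false));
    printf("hook dropped first: %d warning(s)\n", simulate_netns_exit(true));
}
```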

Related Identifiers

CVE-2022-49558

Affected Products

Astra Linux
Linux Kernel