PT-2025-8501 · Linux+2 · Linux Kernel+2
Published: 2022-06-07 · Updated: 2025-04-14 · CVE-2022-49568
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A NULL pointer dereference has been identified in the Linux kernel's KVM device cleanup. The interrupt controller KVM devices (XICS, XIVE, XIVE-native) use the release() callback instead of the destroy() callback for cleanup, but the error handling in kvm_ioctl_create_device() assumes destroy() is always defined. This issue was discovered by Syzkaller. The problem arises from the lack of a check for destroy != NULL and a missing release() call.
Recommendations
For the Linux kernel, add a check that destroy != NULL to prevent the NULL pointer dereference, and add the missing release() call so that KVM device cleanup is handled properly.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
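The recommended check, sketched as a userspace model. This is an added example, not kernel source or the upstream patch; the struct, function and variable names are hypothetical stand-ins for a device whose ops table may define release(), destroy(), or both.

```c
#include <stddef.h>
#include <stdio.h>

/* Userspace model with hypothetical names; not kernel source. */
struct device;
struct device_ops {
    void (*release)(struct device *dev); /* optional callback */
    void (*destroy)(struct device *dev); /* optional callback */
};
struct device {
    const struct device_ops *ops;
    int released, destroyed;
};

static void mark_released(struct device *d)  { d->released++; }
static void mark_destroyed(struct device *d) { d->destroyed++; }

/* Interrupt-controller style device: cleans up in release(), destroy is NULL. */
static const struct device_ops release_only_ops = { .release = mark_released };
/* Conventional device: cleans up in destroy(), release is NULL. */
static const struct device_ops destroy_only_ops = { .destroy = mark_destroyed };

/* Flawed error path: assumes destroy is always set and never calls release.
 * With release_only_ops this would call through a NULL pointer. */
static int unguarded_error_cleanup(struct device *dev)
{
    dev->ops->destroy(dev);
    return 1;
}

/* Guarded error path: invoke each callback only if the device defines it.
 * Returns the number of cleanup callbacks that ran. */
static int guarded_error_cleanup(struct device *dev)
{
    int ran = 0;
    if (dev->ops->release) { dev->ops->release(dev); ran++; }
    if (dev->ops->destroy) { dev->ops->destroy(dev); ran++; }
    return ran;
}

int main(void)
{
    struct device irqchip = { &release_only_ops, 0, 0 };
    struct device plain   = { &destroy_only_ops, 0, 0 };
    printf("release-only: %d callback(s)\n", guarded_error_cleanup(&irqchip));
    printf("destroy-only: %d callback(s)\n", unguarded_error_cleanup(&plain));
    return 0;
}
```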
Exploit
NULL Pointer Dereference
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Linux Kernel
Suse