CVE-2022-24122: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-24122 is a use-after-free vulnerability discovered in the Linux kernel versions 5.14 through 5.16.4. The vulnerability exists in kernel/ucount.c when unprivileged user namespaces are enabled, allowing a ucounts object to outlive its namespace, which could lead to privilege escalation (CVE Mitre, Openwall).

The vulnerability occurs in the 'ucounts' scheme which is designed to "bubble up" limit changes to the uppermost user namespace by attaching and traversing a user namespace to the 'ucounts' object. The core issue is that the user namespace pointer isn't reference-counted, and since the lifetime of a 'ucounts' object isn't strictly tied to that of the user namespace it was created for, it can outlive the latter, making its 'ns' member point to freed memory. This particularly affects the shm and mqueue code when using currentucounts() and getting a reference via getucounts() (Openwall).

Successful exploitation of this vulnerability could lead to privilege escalation on systems where unprivileged user namespaces are enabled. The vulnerability allows disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS) (NetApp Advisory).

The vulnerability was fixed in Linux kernel with commit f9d87929d451d3e649699d0f1d74f71f77ad38f5. For systems that cannot immediately patch, a temporary mitigation is available by disabling unprivileged user namespaces through the command 'sysctl -w kernel.unprivilegedusernsclone=0' (Openwall, Kernel Commit).