CVE-2022-41850
Linux Kernel vulnerability analysis and mitigation

Overview

CVE-2022-41850 affects the Linux kernel through version 5.19.12, specifically the roccat_report_event function in drivers/hid/hid-roccat.c. The vulnerability was discovered on September 30, 2022. It is a race condition that results in a use-after-free in situations where a report is received while a copy of report->value is in progress (MITRE CVE).

Technical details

The vulnerability exists in the roccat_report_event function, which handles the registration of roccat-related reports in struct roccat_device. The issue occurs because no lock protected the kfree() operations on saved reports. When more reports are received than the ROCCAT_CBUF_SIZE value, the driver frees the saved report from cbuf[0] and allocates a new report. This creates a race condition in which kfree() can run while the saved report is being read, potentially leading to a use-after-free condition (Kernel Commit).

Impact

A local user with access to a Roccat device could exploit this vulnerability to cause a denial of service (system crash or memory corruption) or potentially execute arbitrary code. The vulnerability is particularly relevant for users who have access to Roccat devices for screen display of profile or DPI settings (Ubuntu Security).

Mitigation and workarounds

The vulnerability has been fixed by adding mutex locks around the critical section in roccat_report_event(). The fix involves using device->cbuf_lock to protect the report handling operations. Various Linux distributions have released patches, including Ubuntu and Debian. For Debian 10 buster, the fix was included in version 5.10.158-2~deb10u1 (Debian LTS).
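The race described under Technical details and the locking described above can be modelled in userspace. This is an added example, not code from the kernel or from the original page: a pthread mutex stands in for device->cbuf_lock, malloc/free stand in for the kernel allocator, and the function names, buffer sizes and iteration counts are assumptions made for the model.

```c
#include <pthread.h>
#include <stdlib.h>
#include <string.h>
enum { ROCCAT_CBUF_SIZE = 16, REPORT_SIZE = 64 }; /* sizes assumed for this model */
struct roccat_device {
    unsigned char *cbuf[ROCCAT_CBUF_SIZE]; /* saved reports */
    int cbuf_end;                          /* next slot to recycle */
    pthread_mutex_t cbuf_lock;             /* stands in for the kernel mutex */
};

static void report_event(struct roccat_device *dev, unsigned char fill)
{
    unsigned char *new_value = malloc(REPORT_SIZE);
    if (!new_value) abort();
    memset(new_value, fill, REPORT_SIZE);  /* constructed report contents */
    pthread_mutex_lock(&dev->cbuf_lock);   /* the fix: held across free + update */
    free(dev->cbuf[dev->cbuf_end]);        /* unlocked, this can free a report mid-copy */
    dev->cbuf[dev->cbuf_end] = new_value;
    dev->cbuf_end = (dev->cbuf_end + 1) % ROCCAT_CBUF_SIZE;
    pthread_mutex_unlock(&dev->cbuf_lock);
}

static int read_report(struct roccat_device *dev, int slot, unsigned char *out)
{
    pthread_mutex_lock(&dev->cbuf_lock);   /* reader copies under the same lock */
    int ok = dev->cbuf[slot] != NULL;
    if (ok) memcpy(out, dev->cbuf[slot], REPORT_SIZE);
    pthread_mutex_unlock(&dev->cbuf_lock);
    return ok;
}

static void *writer(void *dev)
{
    for (int i = 0; i < 20000; i++) report_event(dev, (unsigned char)i);
    return NULL;
}

static int run_model(struct roccat_device *dev) /* returns count of torn reads */
{
    unsigned char out[REPORT_SIZE];
    pthread_t t;
    int torn = 0;
    if (pthread_create(&t, NULL, writer, dev)) return -1;
    for (int i = 0; i < 20000; i++)
        if (read_report(dev, i % ROCCAT_CBUF_SIZE, out))
            torn += memcmp(out, out + 1, REPORT_SIZE - 1) != 0;
    pthread_join(t, NULL);
    return torn;
}
```

Build with `cc -pthread`. Removing the two lock calls from report_event() reproduces the unprotected pattern, which AddressSanitizer can then flag as a heap-use-after-free in the reader's memcpy().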

This report was generated using AI.

Related Linux Kernel vulnerabilities:

| CVE ID | Severity | Score | Technologies | Component name | CISA KEV exploit | Has fix | Published date |
|---|---|---|---|---|---|---|---|
| CVE-2025-71142 | N/A | N/A | Linux Kernel | kernel-64k-debug-devel-matched | No | No | Jan 14, 2026 |
| CVE-2025-71137 | N/A | N/A | Linux Kernel | linux-gcp | No | Yes | Jan 14, 2026 |
| CVE-2025-71135 | N/A | N/A | Linux Kernel | kernel-debug-core | No | No | Jan 14, 2026 |
| CVE-2025-71134 | N/A | N/A | Linux Kernel | kernel-uki-virt | No | No | Jan 14, 2026 |
| CVE-2025-71133 | N/A | N/A | Linux Kernel | kernel-modules-extra | No | Yes | Jan 14, 2026 |