
Cloud Vulnerability DB
A community-led vulnerabilities database
A stack overflow vulnerability (CVE-2022-4378) was discovered in the Linux kernel's SYSCTL subsystem, affecting how users change certain kernel parameters and variables. The vulnerability was discovered by Kyle Zeng and affects multiple kernel versions including the latest, 6.0, 5.15, 5.10, 5.4, 4.19, 4.14, and 4.9. The issue was disclosed on December 9, 2022, and was fixed in kernel version 6.0.12 (OSS Security).
The vulnerability stems from a missing check on user input in the __do_proc_dointvec function. The function truncates user input to one page but fails to maintain this limit when calling proc_skip_spaces, which assumes the argument is a NUL-terminated string. If the buffer contains more than one page of spaces, the 'left' variable becomes negative. This negative value is then passed to proc_get_long, where its least significant 4 bytes are used as the length for a memcpy operation to the kernel stack, resulting in a stack-based buffer overflow (OSS Security).
The vulnerability allows a local user to crash the system (denial of service) or potentially escalate their privileges on the system. The flaw is particularly concerning as it can be triggered by non-root users who have access to user-namespace (Ubuntu Security, OSS Security).
The vulnerability has been patched through two main fixes: a refactoring of proc_skip_spaces to process data up to a limit instead of assuming NUL-terminated strings, and a correction of the signedness issue in the 'len' variable. These patches are available in kernel version 6.0.12 and have been backported to affected stable kernel versions (OSS Security).
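The defect and the two fixes described above, as an added user-space model (not the kernel's code and not part of the original advisory). The function names, the 4-byte limit, the constructed sample input and the TMPBUFLEN value are assumptions made for illustration.

```c
/* User-space model of the bug class; names and sizes are illustrative. */
#include <ctype.h>
#include <stdio.h>

#define TMPBUFLEN 22 /* scratch-buffer size assumed for this model */

/* Constructed input: 8 spaces followed by one digit (9 bytes + NUL). */
static const char SAMPLE[] = "    " "    " "7";

/* Pre-fix shape: trusts NUL termination, ignores how many bytes remain. */
static size_t skip_spaces_unbounded(const char **buf) {
	const char *start = *buf;
	while (isspace((unsigned char)**buf))
		(*buf)++;
	return (size_t)(*buf - start);
}

/* Post-fix shape: consumes at most *size bytes, so *size cannot wrap. */
static void skip_spaces_bounded(const char **buf, size_t *size) {
	while (*size && isspace((unsigned char)**buf)) {
		(*size)--;
		(*buf)++;
	}
}

/* Pre-fix clamp: a signed int takes the low 32 bits of the remaining count. */
static int clamp_len_signed(size_t size) {
	int len = (int)size; /* wraps negative on gcc/clang for huge values */
	return len > TMPBUFLEN - 1 ? TMPBUFLEN - 1 : len;
}

/* Post-fix clamp: unsigned comparison, result never exceeds TMPBUFLEN - 1. */
static size_t clamp_len_unsigned(size_t size) {
	return size > (size_t)(TMPBUFLEN - 1) ? (size_t)(TMPBUFLEN - 1) : size;
}

/* Remaining byte count after skipping whitespace, old and new behaviour. */
static size_t left_after_unbounded(const char *in, size_t left) {
	return left - skip_spaces_unbounded(&in); /* wraps if skipped > left */
}
static size_t left_after_bounded(const char *in, size_t left) {
	skip_spaces_bounded(&in, &left);
	return left;
}

int main(void) {
	/* The caller believes only 4 bytes are valid, but 8 spaces follow. */
	printf("old len: %d\n", clamp_len_signed(left_after_unbounded(SAMPLE, 4)));
	printf("new len: %zu\n", clamp_len_unsigned(left_after_bounded(SAMPLE, 4)));
	return 0;
}
```

In the old path the negative length passes the upper-bound check untouched, which is why both the bounded skip and the unsigned length were needed.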
Source: This report was generated using AI