CVE-2022-4744: 
Linux Kernel vulnerability analysis and mitigation

A double-free flaw (CVE-2022-4744) was discovered in the Linux kernel's TUN/TAP device driver functionality, specifically in how a user registers the device when the registernetdevice function fails (NETDEVREGISTER notifier). The vulnerability was discovered in late 2022 and publicly disclosed on March 30, 2023. This vulnerability affects Linux kernel versions prior to 5.16-rc7 (NVD, NetApp Advisory).

The vulnerability occurs due to a double-free condition in the tunfreenetdev function within the TUN/TAP device driver. The issue arises specifically when the register_netdevice function fails during device registration. The CVSS v3.1 base score for this vulnerability is 7.8 (High), with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating local access requirements but high potential impact (NetApp Advisory).

The vulnerability allows a local user to potentially crash the system or escalate their privileges. Successful exploitation could lead to denial of service (system crash), memory corruption, or potential privilege escalation on the affected system (CVE Mitre).

The issue has been fixed in Linux kernel version 5.16-rc7 and later. The fix involves moving the dev->tstats and tun->security allocations to a new ndoinit routine (tunnetinit()) that is called by registernetdevice(). This ensures proper pairing with the destructor (tunfreenetdev()) and prevents the double-free condition (Kernel Commit).