CVE-2022-48639: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-48639 is a vulnerability in the Linux kernel related to a possible refcount leak in the tc_new_tfilter() function. The vulnerability was discovered and disclosed on April 28, 2024, affecting multiple versions of the Linux kernel from version 5.1 through 6.0-rc6. This issue occurs in the network scheduling component of the kernel (NVD).

The vulnerability stems from a refcount leak in the tc_new_tfilter() function where tfilter_put needs to be called to properly handle the reference count obtained by tp->ops->get. This leak specifically occurs when chain->tmplt_ops is not NULL and chain->tmplt_ops does not equal tp->ops. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability can lead to a reference count leak in the Linux kernel's network scheduling subsystem, potentially causing resource exhaustion and system instability. The CVSS score indicates that while the vulnerability requires local access and low privileges, it can have a high impact on system availability (NVD).

The vulnerability has been fixed through a patch that adds a tfilter_put(tp, fh) call before the error handling code when a template operation mismatch is detected. The fix has been implemented in multiple kernel versions through various stable tree commits (Kernel Patch).