CVE-2022-48919: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-48919 is a vulnerability in the Linux kernel's CIFS (Common Internet File System) implementation. The issue was discovered in February 2022 and involves a double free race condition that occurs when mount fails in the cifsgetroot() function. This vulnerability affects multiple versions of the Linux kernel up to versions 4.9.305, 4.14.270, 4.19.233, 5.4.183, 5.10.104, 5.15.27, and 5.16.13 (NVD).

The vulnerability occurs when cifsgetroot() fails during cifssmb3domount(). In this scenario, deactivatelockedsuper() is called, which eventually calls delayedfree() to free the context. The issue arises because the code then proceeds to enter the out: section in cifssmb3domount() and attempts to free the same resources a second time. This results in a use-after-free condition that can be detected by KASAN (Kernel Address Sanitizer) in the rcucblist_dequeue function (Kernel Patch).

The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH), indicating significant severity. The vulnerability requires local access and low privileges to exploit, but could potentially lead to high impacts on confidentiality, integrity, and availability of the affected system (NVD).

The vulnerability has been fixed in the Linux kernel through a patch that prevents the double free condition by adding a return statement after deactivatelockedsuper() is called, ensuring the code doesn't proceed to free the same resources again. Users should update to patched kernel versions to mitigate this vulnerability (Kernel Patch).