CVE-2022-48996: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability in the Linux kernel's DAMON (Data Access MONitor) sysfs interface has been identified as CVE-2022-48996. The issue was discovered in the damonsysfsset_schemes() function, affecting Linux kernel versions from 5.19 up to (excluding) 6.0.12, and various 6.1 release candidates (rc1 through rc7). The vulnerability stems from an incorrect assumption about empty schemes during online tuning operations (NVD).

The vulnerability occurs in the mm/damon/sysfs component where the damonsysfsset_schemes() function incorrectly assumes that the DAMON context wouldn't have any schemes during online tuning. This assumption was introduced by commit da87878010e5 ("mm/damon/sysfs: support online inputs update"). The function creates and adds new schemes instead of updating, removing, or adding schemes to reflect the sysfs files as intended. The CVSS v3.1 base score is 5.5 (Medium), with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD, Kernel Patch).

The vulnerability results in the code not working as intended for online schemes tuning and could lead to higher than expected memory footprint. However, since the schemes remain within the DAMON context, there is no memory leakage outside the system (Kernel Patch).

The issue has been fixed by removing the incorrect assumption in damonsysfsset_schemes(). The fix involves updating the function to properly handle existing schemes in the DAMON context. Users should upgrade to Linux kernel version 6.0.12 or later, or apply the patch that removes the wrong assumption (Kernel Patch).