
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2022-49385 is a Use-After-Free (UAF) vulnerability discovered in the Linux kernel's driver core. The vulnerability was disclosed and patched in 2022, affecting the driver base subsystem. The issue occurs when driver_attach(drv) fails, causing the driver_private to be freed while it remains added to the bus, resulting in a use-after-free condition (NVD).
The vulnerability exists in the bus_add_driver function within the Linux kernel's driver core. When driver_attach(drv) fails, the driver_private structure is freed, but it remains linked to the bus, leading to a use-after-free condition. The CVSS v3.1 base score for this vulnerability is 7.8 (High), with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (CISA-ADP).
The vulnerability could potentially lead to privilege escalation, system crashes, or arbitrary code execution in the context of the kernel. The high CVSS score indicates significant potential impact on the confidentiality, integrity, and availability of the affected system (NVD).
The vulnerability has been patched by adding code to delete the driver_private from the bus when driver_attach fails. The fix involves modifying the error handling path in the bus_add_driver function to call klist_del(&priv->knode_bus) before freeing the driver_private structure (Kernel Commit).
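The unwinding order described above, as an added userspace model (not kernel code and not taken from the kernel commit). The struct and function names are hypothetical stand-ins, and free() is modelled by a flag so the stale list entry can be inspected safely:

```c
#include <stddef.h>

/* Userspace model (constructed); names are hypothetical, not the kernel's API. */
struct knode { struct knode *next; int freed; };
struct bus   { struct knode *drivers; };  /* stands in for the bus's driver list */

static void list_add(struct bus *b, struct knode *n) { n->next = b->drivers; b->drivers = n; }

static void list_del(struct bus *b, struct knode *n)
{
    struct knode **pp = &b->drivers;
    while (*pp && *pp != n)
        pp = &(*pp)->next;
    if (*pp)
        *pp = n->next;
}

/* free() is modelled by a flag so a stale node can be examined without UB. */
static void model_free(struct knode *n) { n->freed = 1; }

/* attach_ok == 0 models driver_attach() failing.
 * with_fix selects the patched error path: unlink from the bus, then free. */
static int model_bus_add_driver(struct bus *b, struct knode *priv, int attach_ok, int with_fix)
{
    priv->freed = 0;
    list_add(b, priv);          /* driver becomes reachable from the bus */
    if (attach_ok)
        return 0;
    if (with_fix)
        list_del(b, priv);      /* the step the patch adds */
    model_free(priv);           /* private data released on the error path */
    return -1;
}

/* Count nodes still reachable from the bus that have already been freed. */
static int dangling_nodes(const struct bus *b)
{
    int n = 0;
    for (const struct knode *k = b->drivers; k; k = k->next)
        n += k->freed;
    return n;
}

int main(void)
{
    struct bus b = {0};
    struct knode good, bad;
    model_bus_add_driver(&b, &good, 1, 0);
    model_bus_add_driver(&b, &bad, 0, 0);   /* unpatched path leaves a stale node */
    return dangling_nodes(&b) == 1 ? 0 : 1;
}
```

Without the unlink step, any later walk of the bus list reaches memory that has already been released; with it, the list contains only live entries.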
Source: This report was generated using AI