CVE-2022-49578: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-49578 is a vulnerability in the Linux kernel related to data races around sysctlipprotsock. The vulnerability was discovered when it was found that sysctlipprotsock is accessed concurrently, creating a potential data race condition. This issue affects the Linux kernel's IP networking subsystem (NVD).

The vulnerability is classified as a race condition (CWE-362) involving concurrent execution using shared resources with improper synchronization. It has been assigned a CVSS v3.1 base score of 4.7 (Medium) with the vector string CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H. The technical issue stems from the concurrent access to sysctlipprot_sock without proper synchronization mechanisms, which could lead to load/store-tearing (NVD, Kernel Git).

The vulnerability could potentially lead to high availability impacts on the affected system, though there are no direct confidentiality or integrity impacts. The CVSS scoring indicates that while the vulnerability requires local access and is complex to exploit, it could result in high impact to system availability (NVD).

The vulnerability has been fixed in the Linux kernel through patches that implement proper synchronization mechanisms using READONCE and WRITEONCE operations. The fix addresses the data race by adding basic protection to avoid load/store-tearing in all readers and writers of sysctlipprot_sock (Kernel Git).