CVE-2022-49647: 
Linux Kernel vulnerability analysis and mitigation

In the Linux kernel, a vulnerability was discovered in the cgroup subsystem related to csssets migration. The issue occurs when moving tasks across cgroups where some tasks perform identity migrations while others move across different cgroups. The vulnerability stems from overloading the cset->mgpreload_node for both source and destination lists during migration, which could lead to a use-after-free condition (Kernel Git).

The vulnerability exists in the cgroup migration mechanism where a single node (mgpreloadnode) was used for both source and destination lists. During migration, if a cset needs to be both source and destination (in case of identity migration), the overloading of this single node causes the cset to be inadvertently removed from both lists. This can result in a situation where a destination cset isn't properly held during migration, potentially leading to a use-after-free condition if all tasks leave the cset before migration completes (Kernel Git).

If exploited, this vulnerability could lead to use-after-free conditions when migrating tasks between cgroups. This occurs specifically when a process with multiple threads is being migrated, and some threads perform identity migrations while others move across cgroups. The impact is particularly severe if all tasks leave a cset before migration completes and the incoming task attempts to pin it, potentially resulting in memory corruption (Kernel Git).

The issue has been fixed by separating the single mgpreloadnode into two distinct nodes: mgsrcpreloadnode and mgdstpreloadnode. This separation ensures that source and destination preloadings don't interfere with each other during migration operations. The fix was implemented in the Linux kernel and backported to affected stable versions (Kernel Git).