CVE-2022-49698: 
Linux Kernel vulnerability analysis and mitigation

In the Linux kernel, a vulnerability (CVE-2022-49698) was identified in the netfilter component where a bottom-half (BH) interrupt might occur while updating per-CPU rnd_state from user context, specifically in the local_out path. This issue was discovered when a bug report showed smp_processor_id() being called in preemptible code by the nginx process, with the caller being nft_ng_random_eval in the nft_numgen module (Kernel Git).

The vulnerability stems from the use of prandom (pseudo-random number generator) in netfilter's implementation. The issue occurs specifically in the nft_meta and nft_numgen components where per-CPU rnd_state updates could conflict with bottom-half interrupts. The bug manifests when smp_processor_id() is called in preemptible code, which is not safe and can lead to race conditions (Kernel Git).

The vulnerability could potentially lead to race conditions in the Linux kernel's netfilter subsystem, affecting network packet filtering operations. This could impact systems using netfilter for network traffic management, particularly those running nginx with specific netfilter configurations (Kernel Git).

The issue has been fixed by replacing the prandom implementation with get_random_u32(). This solution avoids the need for local prandom state and leverages the random driver, which has been the underlying implementation since the commit d4150779e60f ("random32: use real rng for non-deterministic randomness"). The fix addresses both the nft_meta and nft_numgen components (Kernel Git).