CVE-2022-49755: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-49755 is a race condition vulnerability discovered in the Linux kernel's USB gadget functionfs (f_fs) subsystem. The vulnerability was disclosed on March 27, 2025, affecting Linux kernel versions from 2.6.35 up to 6.2-rc4. The issue occurs during fast composition switch operations in the USB gadget functionality (NVD).

The vulnerability stems from a race condition between ffsep0write/ffsep0read processes and functionfsunbind. When ffsep0write calls ffsep0queuewait while holding the &ffs->ev.waitq.lock, functionfsunbind can proceed to mark ep0req as NULL since it isn't bounded. Due to the lack of NULL checks in ffsep0queuewait, this leads to a use-after-free condition. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

The vulnerability could lead to use-after-free conditions, potentially allowing an attacker with local access to cause system crashes, execute arbitrary code, or escalate privileges. The high CVSS score indicates significant potential impact on system confidentiality, integrity, and availability (NVD).

The issue has been fixed by implementing serialized execution between the affected functions using mutex_lock(ffs->mutex). Multiple patches have been released for different kernel versions to address this vulnerability (NVD).