CVE-2022-49788: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability was discovered in the Linux kernel's VMware VMCI (Virtual Machine Communication Interface) driver, specifically in the vmcihostdoreceivedatagram() function. The issue involves a struct vmcieventqp allocated by qpnotifypeer() that contains padding which may leak uninitialized data to userspace. This vulnerability was assigned CVE-2022-49788 and was publicly disclosed on May 1, 2025 (Wiz Report).

The vulnerability is an information leak in the Linux kernel's misc/vmwvmci driver. The issue occurs when the struct vmcieventqp is allocated by qpnotifypeer(), where padding bytes in the structure may contain uninitialized kernel data that gets exposed to userspace through vmcihostdoreceivedatagram(). The vulnerability was detected by the Kernel Memory Sanitizer (KMSAN) which identified the information leak during copyto_user operations. Specifically, the leak affects bytes 28-31 of a 48-byte memory region (NVD).

The vulnerability could lead to the disclosure of sensitive kernel memory contents to unprivileged users, potentially exposing sensitive information (Wiz Report).

The recommended fix is to use memset() to prevent the information leaks. Additionally, qpnotifypeer_local() was speculatively fixed as it may have been affected by the same issue (NVD).