Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2022-49798
CVE-2022-49798:
Linux Kernel vulnerability analysis and mitigation
Overview
CVE-2022-49798 is a vulnerability discovered in the Linux kernel's tracing system, specifically related to eprobes functionality. The vulnerability was published on May 1, 2025, affecting the Linux kernel's event tracing mechanism (NVD, Wiz).
Technical details
The vulnerability occurs due to a race condition in the Linux kernel's tracing system. The issue arises when the flag that tells the event to call its triggers after reading the event is set for eprobes after the eprobe is enabled. This timing issue creates a race condition where the eprobe may be triggered at the beginning of the event where the record information is NULL. When this happens, the eprobe attempts to dereference the NULL record, resulting in a NULL kernel pointer bug (NVD, Wiz).
Impact
When exploited, this vulnerability can lead to a NULL pointer dereference in the kernel, potentially causing system crashes or denial of service conditions (Wiz).
Mitigation and workarounds
The issue has been fixed by implementing a check for NULL records to prevent the dereferencing of NULL pointers. The fix has been incorporated into the Linux kernel codebase (Wiz).
Additional resources
Source: This report was generated using AI
Related Linux Kernel vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management