CVE-2022-49802: 
Linux Kernel vulnerability analysis and mitigation

A null pointer dereference vulnerability (CVE-2022-49802) was discovered in the Linux kernel's ftrace functionality. The vulnerability was disclosed on May 1, 2025, affecting the ftraceaddmod() function where the ftracemod structure, allocated by kzalloc(), has uninitialized list members that can lead to a null pointer dereference when kstrdup() fails for ftracemod->{func|module} members (NVD, Wiz).

The vulnerability occurs when the ftracemod structure is allocated using kzalloc(), resulting in NULL values for both prev and next members of ftracemode->list. When kstrdup() fails for ftracemod->{func|module}, the code execution moves to the @outfree tag and calls freeftracemod() to destroy @ftracemod. Subsequently, listdel() attempts to write to prev->next and next->prev, leading to a null pointer dereference. This manifests as a kernel panic with the message 'BUG: kernel NULL pointer dereference, address: 0000000000000008' (NVD).

When triggered, this vulnerability results in a kernel panic, causing system instability and potential denial of service. The issue affects the Linux kernel's ftrace functionality, which is a core kernel feature used for function tracing and debugging (Wiz).

The vulnerability has been fixed by properly initializing the list members using INITLISTHEAD() to initialize the list member before any potential failure points. System administrators should apply the appropriate kernel updates that include this fix (Wiz).