CVE-2022-49837: 
Linux Kernel vulnerability analysis and mitigation

A memory leak vulnerability (CVE-2022-49837) was identified in the Linux kernel's BPF subsystem, specifically in the _checkfunc_call function. The vulnerability was discovered when kmemleak reported an unreferenced object of size 2048 bytes. This issue affects Linux kernel versions from 4.2 up to 6.0.10, as well as versions 6.1-rc1 through 6.1-rc5 (NVD).

The vulnerability stems from a memory management issue in the BPF subsystem where the callee is not properly released in abnormal scenarios. The issue occurs in two functions: preparefuncexit() where the callee is not released after state->curframe--, and _checkfunccall() where the callee should be released by freefunc_state() in abnormal scenarios before state->curframe++. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (MEDIUM) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD, Wiz).

The vulnerability results in memory leaks in the Linux kernel's BPF subsystem, which could potentially lead to resource exhaustion over time (Wiz).

The vulnerability has been fixed in various Linux distributions. Debian has addressed this in version 6.1.129-1 for bookworm and 6.12.22-1 for trixie releases. Ubuntu 20.04 and 22.04 have received fixes, while Red Hat has deferred fixes for Red Hat Enterprise Linux 9 (Wiz, Debian).