CVE-2022-50008: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability (CVE-2022-50008) was identified in the Linux kernel related to kprobes functionality. The issue was discovered in the __disable_kprobe() function where incorrect assumptions could lead to attempting to disarm an already disarmed kprobe, triggering a WARN_ONCE() condition (NVD).

The vulnerability stems from an incorrect assumption in __disable_kprobe() where it attempts to disarm an already disarmed kprobe. When kprobes_all_disarmed is set to false but the kprobe remains disabled, __disable_kprobe() incorrectly calls disarm_kprobe() for the disabled kprobe. This triggers a WARN_ONCE() in __disarm_kprobe_ftrace() and can lead to missing cleanups, leaving the aggregated kprobe in the hash table, which creates an infinite loop in the kprobe list structure (NVD, Wiz).

The vulnerability can result in infinite loops when executing certain commands like 'cat /sys/kernel/debug/kprobes/list', leading to RCU stalls or soft lockups. Additionally, when running tools like execsnoop, the issue can cause system warnings and potential memory corruption due to improper cleanup of kprobe structures (NVD, Wiz).

The fix involves ensuring that disarm_kprobe() is not called for disabled kprobes. This prevents the incorrect attempt to disarm already disarmed kprobes and avoids the subsequent issues with cleanup and infinite loops (Wiz).