Vulnerability in the Linux implementation of the MCTP protocol that allows privilege escalation

A vulnerability (CVE-2022-3977) has been identified in the Linux kernel that can potentially be used by a local user to escalate privileges on the system. The vulnerability appears starting with kernel 5.18 and is fixed in the 6.1 branch. The availability of the fix in distributions can be tracked on these pages: Debian, Ubuntu, Gentoo, RHEL, SUSE, Arch.

The vulnerability is present in the implementation of the MCTP protocol (Management Component Transport Protocol), which is used for interaction between management controllers. It is caused by a race condition in the mctp_sk_unhash() function, which leads to access to an already freed memory area (use-after-free) when a DROPTAG ioctl request is sent at the same time as the socket is being closed.
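An added triage example, not part of the original article or of any kernel or distribution tooling: it checks whether a host's upstream kernel version falls in the 5.18 to 6.1 window stated above and whether MCTP is built into that kernel at all. The function names and the `/boot/config-<release>` path are assumptions; distributions backport fixes, so a version match only means the distribution's advisory page needs to be consulted.

```python
import platform
import re
from pathlib import Path

FIRST_AFFECTED = (5, 18)  # per the article: appears starting with kernel 5.18
FIRST_FIXED = (6, 1)      # per the article: fixed in the 6.1 branch


def parse_release(release):
    """Return (major, minor) from a `uname -r` string, or None if unparseable."""
    m = re.match(r"(\d+)\.(\d+)", release)
    return (int(m.group(1)), int(m.group(2))) if m else None


def in_affected_range(release):
    """True if the upstream version is in [5.18, 6.1); blind to distro backports."""
    ver = parse_release(release)
    return ver is not None and FIRST_AFFECTED <= ver < FIRST_FIXED


def mctp_config_state(config_text):
    """Return 'y' (built in), 'm' (module) or 'n' (not built) for CONFIG_MCTP."""
    m = re.search(r"^CONFIG_MCTP=([ym])$", config_text, re.MULTILINE)
    return m.group(1) if m else "n"


def assess(release, config_text):
    """Combine both checks into a triage verdict for one host."""
    if not in_affected_range(release):
        return "not in affected upstream range"
    if config_text is None:
        return "affected range, MCTP build status unknown: check distro advisory"
    if mctp_config_state(config_text) == "n":
        return "affected range, but MCTP is not built into this kernel"
    return "affected range with MCTP built: check distro advisory and update"


# Constructed sample input (not from the article) for an offline run.
SAMPLE_CONFIG = "CONFIG_NET=y\nCONFIG_MCTP=m\n"

if __name__ == "__main__":
    release = platform.release()
    cfg = Path(f"/boot/config-{release}")  # common distro location (assumption)
    text = cfg.read_text() if cfg.is_file() else None
    print(release, "->", assess(release, text))
    print("5.19.0-sample ->", assess("5.19.0-sample", SAMPLE_CONFIG))
```

A result of `m` only says the module was built; whether it can be loaded on a given host depends on local module policy.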
