CVE-2022-49802

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ftrace: Fix null pointer dereference in ftrace_add_mod()<br /> <br /> The @ftrace_mod is allocated by kzalloc(), so both the members {prev,next}<br /> of @ftrace_mode-&gt;list are NULL, it&amp;#39;s not a valid state to call list_del().<br /> If kstrdup() for @ftrace_mod-&gt;{func|module} fails, it goes to @out_free<br /> tag and calls free_ftrace_mod() to destroy @ftrace_mod, then list_del()<br /> will write prev-&gt;next and next-&gt;prev, where null pointer dereference<br /> happens.<br /> <br /> BUG: kernel NULL pointer dereference, address: 0000000000000008<br /> Oops: 0002 [#1] PREEMPT SMP NOPTI<br /> Call Trace:<br /> <br /> ftrace_mod_callback+0x20d/0x220<br /> ? do_filp_open+0xd9/0x140<br /> ftrace_process_regex.isra.51+0xbf/0x130<br /> ftrace_regex_write.isra.52.part.53+0x6e/0x90<br /> vfs_write+0xee/0x3a0<br /> ? __audit_filter_op+0xb1/0x100<br /> ? auditd_test_task+0x38/0x50<br /> ksys_write+0xa5/0xe0<br /> do_syscall_64+0x3a/0x90<br /> entry_SYSCALL_64_after_hwframe+0x63/0xcd<br /> Kernel panic - not syncing: Fatal exception<br /> <br /> So call INIT_LIST_HEAD() to initialize the list member to fix this issue.