Vulnerability in the Linux implementation of the MCTP protocol that allows privilege escalation

A vulnerability has been identified in the Linux kernel (CVE-2022-3977) that could potentially be used by a local user to elevate their privileges on the system. The vulnerability is present starting with the 5.18 kernel and is fixed in the 6.1 branch. The availability of the fix in distributions can be tracked on these pages: Debian, Ubuntu, Gentoo, RHEL, SUSE, Arch.

The vulnerability exists in the implementation of MCTP (Management Component Transport Protocol), which is used for communication between management controllers and their associated devices. It is caused by a race condition in the mctp_sk_unhash() function, which leads to access to an already freed area of memory (use-after-free) when a DROPTAG ioctl request is sent at the same time as the socket is closed.
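A first-pass exposure check for a host, as an added example that is not part of the original article: it compares a kernel release string with the range given above (5.18 up to, but not including, 6.1) and checks whether MCTP support is built in. Assumptions: the kernel config symbol is CONFIG_MCTP, the config file sits at /boot/config-<release> (a common distribution convention), and the function names and result strings are made up for this sketch. Distribution kernels may carry a backported fix, so an in-range result means "check the vendor advisory", not "confirmed vulnerable".

```shell
#!/bin/sh
# Added triage sketch for CVE-2022-3977 (not from the original article).

# in_affected_range RELEASE
# Returns 0 if major.minor is in [5.18, 6.1), 1 if outside, 2 if unparsable.
in_affected_range() {
    rel=$1
    major=${rel%%.*}            # text before the first dot
    rest=${rel#*.}              # text after the first dot
    minor=${rest%%[!0-9]*}      # leading digits of the remainder
    case $major in ''|*[!0-9]*) return 2 ;; esac
    case $minor in ''|*[!0-9]*) return 2 ;; esac
    if [ "$major" -eq 5 ] && [ "$minor" -ge 18 ]; then return 0; fi
    if [ "$major" -eq 6 ] && [ "$minor" -lt 1 ]; then return 0; fi
    return 1
}

# triage RELEASE CONFIG_FILE
# Prints one result string (names are specific to this example).
triage() {
    rc=0
    in_affected_range "$1" || rc=$?
    case $rc in
        1) echo "version-outside-range"; return 0 ;;
        2) echo "unparsed-version"; return 0 ;;
    esac
    if [ ! -r "$2" ]; then
        echo "in-range-config-unknown"
        return 0
    fi
    # Assumption: MCTP support is controlled by CONFIG_MCTP in the kernel config.
    if grep -q '^CONFIG_MCTP=y' "$2"; then
        echo "in-range-mctp-enabled"
    else
        echo "in-range-mctp-disabled"
    fi
}

# Check the running kernel; the config path is a convention, not guaranteed.
triage "$(uname -r)" "/boot/config-$(uname -r)"
```

A result of in-range-mctp-enabled is the case to follow up against the distribution's advisory page for the fixed package version.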

Source: opennet.ru
