Description

In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: do not free existing class in qfq_change_class() Fixes qfq_change_class() error case. cl->qdisc and cl should only be freed if a new class and qdisc were allocated, or we risk various UAF.

INFO

Published Date :

2026-01-25T14:36:13.909Z

Last Modified :

2026-02-09T08:36:51.739Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2026-22999 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-22999.

URL Resource
https://git.kernel.org/stable/c/0a234660dc70ce45d771cbc76b20d925b73ec160 cve-icon cve-icon
https://git.kernel.org/stable/c/2a64fb9b47afffeb5dbab5fd3a518e1436dcc90e cve-icon cve-icon
https://git.kernel.org/stable/c/362e269bb03f7076ba9990e518aeddb898232e50 cve-icon cve-icon
https://git.kernel.org/stable/c/3879cffd9d07aa0377c4b8835c4f64b4fb24ac78 cve-icon cve-icon
https://git.kernel.org/stable/c/cff6cd703f41d8071995956142729e4bba160363 cve-icon cve-icon
https://git.kernel.org/stable/c/e9d8f11652fa08c647bf7bba7dd8163241a332cd cve-icon cve-icon
https://git.kernel.org/stable/c/f06f7635499bc806cbe2bbc8805c7cef8b1edddf cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026012533-CVE-2026-22999-c098@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-22999 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-22999 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact