Use After Free Vulnerability in Linux Kernel Network Scheduler
CVE-2022-49921
7.8HIGH
What is CVE-2022-49921?
A use after free vulnerability exists in the Linux kernel's network scheduler due to improper management of socket buffers (skb) during the enqueueing process. Specifically, after a socket buffer is passed to the qdisc_enqueue, it should not be accessed again, as this can lead to memory corruption and potential system instability. This flaw has been addressed in recent kernel updates, emphasizing the importance of timely patches and updates to maintain system security.
Affected Version(s)
Linux d7f4f332f082c4d4ba53582f902ed6b44fd6f45e < 795afe0b9bb6c915f0299a8e309936519be01619
Linux d7f4f332f082c4d4ba53582f902ed6b44fd6f45e
Linux d7f4f332f082c4d4ba53582f902ed6b44fd6f45e