Null Pointer Dereference in Linux Kernel's QFQ Scheduler
CVE-2026-22976

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 21 January 2026

What is CVE-2026-22976?

A vulnerability in the Linux kernel's QFQ (Quantum Fairness Queueing) scheduling component has been identified, leading to a null pointer dereference during the deactivation of inactive aggregates. This issue arises when two QFQ class objects reference the same leaf queue discipline, causing erroneous behavior when certain operations are invoked, such as qdisc_reset. If active and inactive qdisc states are not properly managed, it can lead to a crash or instability in the system, compromising reliability and security.

Affected Version(s)

Linux 0545a3037773512d3448557ba048cebb73b3e4af < 6116a83ec167d3ab1390cded854d237481f41b63

Linux 0545a3037773512d3448557ba048cebb73b3e4af < 0809c4bc06c9c961222df29f2eccfd449304056f

Linux 0545a3037773512d3448557ba048cebb73b3e4af

References

https://git.kernel.org/stable/c/6116a83ec167d3ab1390cded8...

https://git.kernel.org/stable/c/0809c4bc06c9c961222df29f2...

https://git.kernel.org/stable/c/cdb24200b043438a144df501f...

Timeline

Vulnerability published
Jan 21, 2026
Vulnerability Reserved
Jan 13, 2026

JSON