Memory Management Issue in Linux Kernel Affecting Network Scheduling
CVE-2026-22999

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
25 January 2026

What is CVE-2026-22999?

A memory management vulnerability exists in the Linux kernel's network scheduling component. Specifically, the issue arises in the sch_qfq (Weighted Fair Queuing) algorithm, where the qfq_change_class() function improperly manages memory allocation. If a new class and qdisc (queue discipline) are not allocated correctly, there is a risk of a use-after-free (UAF) condition. This can lead to unexpected behavior or potential exploitation if an attacker leverages the flaw, emphasizing the importance of ensuring proper memory handling in network-related functions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 462dbc9101acd38e92eda93c0726857517a24bbd < 362e269bb03f7076ba9990e518aeddb898232e50

Linux 462dbc9101acd38e92eda93c0726857517a24bbd

Linux 462dbc9101acd38e92eda93c0726857517a24bbd < 3879cffd9d07aa0377c4b8835c4f64b4fb24ac78

References

https://git.kernel.org/stable/c/362e269bb03f7076ba9990e51...
https://git.kernel.org/stable/c/e9d8f11652fa08c647bf7bba7...
https://git.kernel.org/stable/c/3879cffd9d07aa0377c4b8835...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.