Memory Management Issue in Linux Kernel Affecting Network Scheduling
CVE-2026-22999

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
25 January 2026

What is CVE-2026-22999?

A memory management vulnerability exists in the Linux kernel's network scheduling component. Specifically, the issue arises in the sch_qfq (Weighted Fair Queuing) algorithm, where the qfq_change_class() function improperly manages memory allocation. If a new class and qdisc (queue discipline) are not allocated correctly, there is a risk of a use-after-free (UAF) condition. This can lead to unexpected behavior or potential exploitation if an attacker leverages the flaw, emphasizing the importance of ensuring proper memory handling in network-related functions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 462dbc9101acd38e92eda93c0726857517a24bbd < 2a64fb9b47afffeb5dbab5fd3a518e1436dcc90e

Linux 462dbc9101acd38e92eda93c0726857517a24bbd

Linux 462dbc9101acd38e92eda93c0726857517a24bbd

References

https://git.kernel.org/stable/c/2a64fb9b47afffeb5dbab5fd3...
https://git.kernel.org/stable/c/cff6cd703f41d807199595614...
https://git.kernel.org/stable/c/f06f7635499bc806cbe2bbc88...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.