Security News

Cybersecurity news aggregator

🔓
MEDIUM Vulnerabilities NIST NVD

CVE-2026-22999: In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: do not free...

linux-kerneluse-after-freememory-corruptioncve-2026-22999
A use-after-free vulnerability has been resolved in the Linux kernel's qfq_change_class() function. The vulnerability occurs due to improper handling of error cases, potentially leading to memory corruption and system instability if exploited.
Read Full Article →

In the Linux kernel, the following vulnerability has been resolved:

net/sched: sch_qfq: do not free existing class in qfq_change_class()

Fixes qfq_change_class() error case.

cl->qdisc and cl should only be freed if a new class and qdisc were allocated, or we risk various UAF.

Related Articles

MEDIUM CVE-2026-23012: In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: remove call_cont... NIST NVD MEDIUM CVE-2026-23002: In the Linux kernel, the following vulnerability has been resolved: lib/buildid: use __kernel_read(... NIST NVD MEDIUM CVE-2026-31686 mm/kasan: fix double free for kasan pXds Microsoft Security Response Center HIGH Multiples vulnérabilités dans le noyau Linux de SUSE (03 avril 2026) CERT-FR (ANSSI)
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn