{"id":"CVE-2022-49921","summary":"net: sched: Fix use after free in red_enqueue()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: Fix use after free in red_enqueue()\n\nWe can't use \"skb\" again after passing it to qdisc_enqueue().  This is\nbasically identical to commit 2f09707d0c97 (\"sch_sfb: Also store skb\nlen before calling child enqueue\").","modified":"2026-04-03T13:14:41.788242Z","published":"2025-05-01T14:11:00.309Z","related":["SUSE-SU-2025:01966-1","SUSE-SU-2025:02173-1","SUSE-SU-2025:02334-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49921.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/170e5317042c302777ed6d59fdb84af9b0219d4e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/52e0429471976785c155bfbf51d80990c6cd46e2"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5960b9081baca85cc7dcb14aec1de85999ea9d36"},{"type":"WEB","url":"https://git.kernel.org/stable/c/795afe0b9bb6c915f0299a8e309936519be01619"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8bdc2acd420c6f3dd1f1c78750ec989f02a1e2b9"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a238cdcf2bdc72207c74375fc8be13ee549ca9db"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e877f8fa49fbccc63cb2df2e9179bddc695b825a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/fc4b50adb400ee5ec527a04073174e8e73a139fa"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49921.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49921"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"d7f4f332f082c4d4ba53582f902ed6b44fd6f45e"},{"fixed":"795afe0b9bb6c915f0299a8e309936519be01619"},{"fixed":"a238cdcf2bdc72207c74375fc8be13ee549ca9db"},{"fixed":"e877f8fa49fbccc63cb2df2e9179bddc695b825a"},{"fixed":"52e0429471976785c155bfbf51d80990c6cd46e2"},{"fixed":"5960b9081baca85cc7dcb14aec1de85999ea9d36"},{"fixed":"fc4b50adb400ee5ec527a04073174e8e73a139fa"},{"fixed":"170e5317042c302777ed6d59fdb84af9b0219d4e"},{"fixed":"8bdc2acd420c6f3dd1f1c78750ec989f02a1e2b9"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"ab0b3b9dbf559a5633d460e748144697bd2d3aa3"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49921.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}