{"id":"CVE-2022-49958","summary":"net/sched: fix netdevice reference leaks in attach_default_qdiscs()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: fix netdevice reference leaks in attach_default_qdiscs()\n\nIn attach_default_qdiscs(), if a dev has multiple queues and queue 0 fails\nto attach qdisc because there is no memory in attach_one_default_qdisc().\nThen dev-\u003eqdisc will be noop_qdisc by default. But the other queues may be\nable to successfully attach to default qdisc.\n\nIn this case, the fallback to noqueue process will be triggered. If the\noriginal attached qdisc is not released and a new one is directly\nattached, this will cause netdevice reference leaks.\n\nThe following is the bug log:\n\nveth0: default qdisc (fq_codel) fail, fallback to noqueue\nunregister_netdevice: waiting for veth0 to become free. Usage count = 32\nleaked reference.\n qdisc_alloc+0x12e/0x210\n qdisc_create_dflt+0x62/0x140\n attach_one_default_qdisc.constprop.41+0x44/0x70\n dev_activate+0x128/0x290\n __dev_open+0x12a/0x190\n __dev_change_flags+0x1a2/0x1f0\n dev_change_flags+0x23/0x60\n do_setlink+0x332/0x1150\n __rtnl_newlink+0x52f/0x8e0\n rtnl_newlink+0x43/0x70\n rtnetlink_rcv_msg+0x140/0x3b0\n netlink_rcv_skb+0x50/0x100\n netlink_unicast+0x1bb/0x290\n netlink_sendmsg+0x37c/0x4e0\n sock_sendmsg+0x5f/0x70\n ____sys_sendmsg+0x208/0x280\n\nFix this bug by clearing any non-noop qdiscs that may have been assigned\nbefore trying to re-attach.","modified":"2026-04-03T13:14:33.533347650Z","published":"2025-06-18T11:00:20.042Z","related":["SUSE-SU-2025:02264-1","SUSE-SU-2025:02321-1","SUSE-SU-2025:02322-1","SUSE-SU-2025:02537-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49958.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0c6c522857151ac00150fd01baeebf231fb7d142"},{"type":"WEB","url":"https://git.kernel.org/stable/c/44dfa645895a56f65461249deb5b81cd16560e2a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a420d587260185407eda9c5766cfa9bdd5c39a56"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f612466ebecb12a00d9152344ddda6f6345f04dc"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49958.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49958"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"bf6dba76d278d296b385b436d3ac7de56c190d44"},{"fixed":"44dfa645895a56f65461249deb5b81cd16560e2a"},{"fixed":"a420d587260185407eda9c5766cfa9bdd5c39a56"},{"fixed":"0c6c522857151ac00150fd01baeebf231fb7d142"},{"fixed":"f612466ebecb12a00d9152344ddda6f6345f04dc"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49958.json"}}],"schema_version":"1.7.5"}