{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2022-49921","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-05-01T14:05:17.252Z","datePublished":"2025-05-01T14:11:00.309Z","dateUpdated":"2026-05-11T19:09:17.322Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:09:17.322Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: Fix use after free in red_enqueue()\n\nWe can't use \"skb\" again after passing it to qdisc_enqueue().  This is\nbasically identical to commit 2f09707d0c97 (\"sch_sfb: Also store skb\nlen before calling child enqueue\")."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/sched/sch_red.c"],"versions":[{"version":"d7f4f332f082c4d4ba53582f902ed6b44fd6f45e","lessThan":"795afe0b9bb6c915f0299a8e309936519be01619","status":"affected","versionType":"git"},{"version":"d7f4f332f082c4d4ba53582f902ed6b44fd6f45e","lessThan":"a238cdcf2bdc72207c74375fc8be13ee549ca9db","status":"affected","versionType":"git"},{"version":"d7f4f332f082c4d4ba53582f902ed6b44fd6f45e","lessThan":"e877f8fa49fbccc63cb2df2e9179bddc695b825a","status":"affected","versionType":"git"},{"version":"d7f4f332f082c4d4ba53582f902ed6b44fd6f45e","lessThan":"52e0429471976785c155bfbf51d80990c6cd46e2","status":"affected","versionType":"git"},{"version":"d7f4f332f082c4d4ba53582f902ed6b44fd6f45e","lessThan":"5960b9081baca85cc7dcb14aec1de85999ea9d36","status":"affected","versionType":"git"},{"version":"d7f4f332f082c4d4ba53582f902ed6b44fd6f45e","lessThan":"fc4b50adb400ee5ec527a04073174e8e73a139fa","status":"affected","versionType":"git"},{"version":"d7f4f332f082c4d4ba53582f902ed6b44fd6f45e","lessThan":"170e5317042c302777ed6d59fdb84af9b0219d4e","status":"affected","versionType":"git"},{"version":"d7f4f332f082c4d4ba53582f902ed6b44fd6f45e","lessThan":"8bdc2acd420c6f3dd1f1c78750ec989f02a1e2b9","status":"affected","versionType":"git"},{"version":"ab0b3b9dbf559a5633d460e748144697bd2d3aa3","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/sched/sch_red.c"],"versions":[{"version":"4.7","status":"affected"},{"version":"0","lessThan":"4.7","status":"unaffected","versionType":"semver"},{"version":"4.9.333","lessThanOrEqual":"4.9.*","status":"unaffected","versionType":"semver"},{"version":"4.14.299","lessThanOrEqual":"4.14.*","status":"unaffected","versionType":"semver"},{"version":"4.19.265","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.224","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.154","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.78","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.0.8","lessThanOrEqual":"6.0.*","status":"unaffected","versionType":"semver"},{"version":"6.1","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"4.9.333"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"4.14.299"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"4.19.265"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"5.4.224"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"5.10.154"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"5.15.78"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"6.0.8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"6.1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.163"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/795afe0b9bb6c915f0299a8e309936519be01619"},{"url":"https://git.kernel.org/stable/c/a238cdcf2bdc72207c74375fc8be13ee549ca9db"},{"url":"https://git.kernel.org/stable/c/e877f8fa49fbccc63cb2df2e9179bddc695b825a"},{"url":"https://git.kernel.org/stable/c/52e0429471976785c155bfbf51d80990c6cd46e2"},{"url":"https://git.kernel.org/stable/c/5960b9081baca85cc7dcb14aec1de85999ea9d36"},{"url":"https://git.kernel.org/stable/c/fc4b50adb400ee5ec527a04073174e8e73a139fa"},{"url":"https://git.kernel.org/stable/c/170e5317042c302777ed6d59fdb84af9b0219d4e"},{"url":"https://git.kernel.org/stable/c/8bdc2acd420c6f3dd1f1c78750ec989f02a1e2b9"}],"title":"net: sched: Fix use after free in red_enqueue()","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-416","lang":"en","description":"CWE-416 Use After Free"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":7.8,"attackVector":"LOCAL","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"LOW","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-10-01T14:58:28.989555Z","id":"CVE-2022-49921","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-10-01T14:58:31.797Z"}}]}}