CVE-2022-49026

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-49026

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49026.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-49026

Downstream

DEBIAN-CVE-2022-49026

OESA-2024-2445

SUSE-SU-2024:3983-1

SUSE-SU-2024:3985-1

SUSE-SU-2024:4082-1

SUSE-SU-2024:4100-1

SUSE-SU-2024:4131-1

SUSE-SU-2024:4364-1

SUSE-SU-2025:0034-1

UBUNTU-CVE-2022-49026

Related

Published

2024-10-21T20:15:13Z

Modified

2025-08-09T19:01:27Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

e100: Fix possible use after free in e100xmitprepare

In e100xmitprepare(), if we can't map the skb, then return -ENOMEM, so e100xmitframe() will return NETDEVTXBUSY and the upper layer will resend the skb. But the skb is already freed, which will cause UAF bug when the upper layer resends the skb.

Remove the harmful free.

References

Affected packages