CVE-2026-22987
BaseFortify
Publication date: 2026-01-23
Last updated on: 2026-02-26
Assigner: kernel.org
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 6.19 |
| linux | linux_kernel | From 6.17 (inc) to 6.18.6 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is in the Linux kernel's network scheduler, where the function tcf_idrinfo_destroy incorrectly dereferences an error pointer (ERR_PTR) during network namespace teardown. Specifically, it passes an ERR_PTR(-EBUSY) as a tc_action pointer, leading to an invalid memory dereference and a crash. The fix adds checks to avoid dereferencing error pointers during this process.
How can this vulnerability impact me?
This vulnerability can cause the Linux kernel to crash during network namespace teardown due to invalid memory access. This can lead to system instability or denial of service conditions on affected systems.
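The error-pointer condition described in the explanation above can be modelled in userspace. This is an added example, not the kernel's code or its patch: the ERR_PTR and IS_ERR helpers are stand-ins written after the kernel's convention, and struct action, destroy_all and the slot table are hypothetical names with constructed sample data.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Userspace stand-ins for the kernel's error-pointer helpers (assumption). */
#define MAX_ERRNO 4095
static inline void *ERR_PTR(long err) { return (void *)err; }
static inline int IS_ERR(const void *p)
{
    return (uintptr_t)p >= (uintptr_t)-MAX_ERRNO;
}

/* Hypothetical, simplified object; not the kernel's struct tc_action. */
struct action { int index; int released; };

/*
 * Model of a teardown walk over an index table. A slot can hold NULL (empty),
 * a real object, or ERR_PTR(-EBUSY) marking an index that is reserved but
 * not populated. Returns the number of objects released.
 */
static int destroy_all(struct action **slots, size_t n)
{
    int released = 0;
    for (size_t i = 0; i < n; i++) {
        struct action *p = slots[i];
        if (!p)
            continue;
        /* A NULL test alone lets ERR_PTR(-EBUSY) through: it is non-NULL,
         * but its value lies in the last 4095 bytes of the address space. */
        if (IS_ERR(p))
            continue;           /* placeholder: nothing to release */
        p->released = 1;        /* safe: p is a real object */
        slots[i] = NULL;
        released++;
    }
    return released;
}

int main(void)
{
    struct action a = { 1, 0 }, b = { 3, 0 };   /* constructed sample data */
    struct action *slots[4] = { &a, ERR_PTR(-EBUSY), &b, NULL };
    printf("released %d of 4 slots\n", destroy_all(slots, 4));
    return 0;
}
```

Removing the IS_ERR check makes the loop write through the placeholder value, which is the class of invalid dereference (CWE-476) the record describes.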