{"id":"CVE-2022-3586","details":"A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.","modified":"2026-03-13T05:51:50.367287Z","published":"2022-10-19T18:15:13.113Z","related":["MGASA-2022-0379","MGASA-2022-0380","SUSE-SU-2022:3897-1","SUSE-SU-2022:3929-1","SUSE-SU-2022:3930-1","SUSE-SU-2022:3998-1","SUSE-SU-2022:4053-1","SUSE-SU-2022:4072-1","SUSE-SU-2022:4272-1","SUSE-SU-2022:4273-1","SUSE-SU-2022:4506-1","SUSE-SU-2022:4513-1","SUSE-SU-2022:4515-1","SUSE-SU-2022:4516-1","SUSE-SU-2022:4517-1","SUSE-SU-2022:4518-1","SUSE-SU-2022:4520-1","SUSE-SU-2022:4527-1","SUSE-SU-2022:4528-1","SUSE-SU-2022:4533-1","SUSE-SU-2022:4534-1","SUSE-SU-2022:4539-1","SUSE-SU-2022:4543-1","SUSE-SU-2022:4544-1","SUSE-SU-2022:4545-1","SUSE-SU-2022:4546-1","SUSE-SU-2022:4550-1","SUSE-SU-2022:4551-1","SUSE-SU-2022:4559-1","SUSE-SU-2022:4560-1","SUSE-SU-2022:4561-1","SUSE-SU-2022:4562-1","SUSE-SU-2022:4569-1","SUSE-SU-2022:4573-1","SUSE-SU-2022:4574-1","SUSE-SU-2022:4577-1","SUSE-SU-2022:4580-1","SUSE-SU-2022:4587-1","SUSE-SU-2022:4589-1","SUSE-SU-2022:4595-1","SUSE-SU-2022:4611-1","SUSE-SU-2022:4614-1","SUSE-SU-2022:4615-1","SUSE-SU-2022:4617-1","SUSE-SU-2023:0416-1"],"references":[{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"},{"type":"ADVISORY","url":"https://www.zerodayinitiative.com/advisories/upcoming/"},{"type":"FIX","url":"https://github.com/torvalds/linux/commit/9efd23297cca"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"2.6.39"},{"last_affected":"5.19"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0-rc2"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0-rc3"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0-rc4"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-3586.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}