CVE-2022-49958
Linux Kernel vulnerability analysis and mitigation

Overview

CVE-2022-49958 is a vulnerability in the Linux kernel related to netdevice reference leaks in the attach_default_qdiscs() function. The vulnerability was disclosed and documented in June 2025 (NVD, Wiz).

Technical details

The vulnerability occurs in attach_default_qdiscs() when a device has multiple queues and queue 0 fails to attach a qdisc due to memory constraints in attach_one_default_qdisc(). In this scenario, dev->qdisc defaults to noop_qdisc, but other queues may successfully attach to the default qdisc. This triggers the fallback to noqueue, and if the originally attached qdiscs are not released before new ones are attached, the result is netdevice reference leaks (NVD, Wiz).

Impact

The vulnerability can lead to resource leaks in the system, specifically netdevice reference leaks. This is evidenced by the bug log showing a waiting state for veth0 with a usage count of 32 leaked references (Wiz).

Mitigation and workarounds

The fix involves clearing any non-noop qdiscs that may have been assigned before attempting to re-attach. This solution has been implemented in the Linux kernel to prevent the reference leaks (Wiz).
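The leak from the technical details and the fix described above, as a simplified user-space model (an added example, not kernel code or the upstream patch). The struct, the `model_*` function names and the four-queue device are assumptions made for illustration, as is the rule that each attached non-noop qdisc holds exactly one reference on the device.

```c
#include <stdbool.h>
#include <stdio.h>

#define NQ 4                          /* constructed: device with 4 TX queues */
enum q { NOOP, DFLT, NOQUEUE };       /* which qdisc a queue currently holds */
/* refcnt stands in for the netdevice reference count (model assumption) */
struct model_dev { int refcnt; enum q txq[NQ]; };

/* Attach a qdisc to queue i; fail_q0 simulates the allocation failure on
 * queue 0. Every attached non-noop qdisc takes one device reference. */
static void model_attach_one(struct model_dev *d, int i, enum q kind, bool fail_q0)
{
    if (fail_q0 && i == 0)
        return;                       /* queue 0 stays on noop, no reference */
    d->txq[i] = kind;                 /* overwrites the old qdisc without releasing it */
    d->refcnt++;
}

/* Release whatever non-noop qdisc the queue holds and drop its reference. */
static void model_shutdown_queue(struct model_dev *d, int i)
{
    if (d->txq[i] != NOOP) {
        d->txq[i] = NOOP;
        d->refcnt--;
    }
}

/* Returns the references left after setup plus full teardown (0 = no leak). */
int model_leaked_refs(bool with_fix)
{
    struct model_dev d = { 0, { NOOP } };
    for (int i = 0; i < NQ; i++)      /* first pass: queue 0 fails */
        model_attach_one(&d, i, DFLT, true);
    if (d.txq[0] == NOOP) {           /* dev->qdisc is noop: fall back to noqueue */
        for (int i = 0; with_fix && i < NQ; i++)
            model_shutdown_queue(&d, i);   /* the fix: clear non-noop qdiscs first */
        for (int i = 0; i < NQ; i++)
            model_attach_one(&d, i, NOQUEUE, false);
    }
    for (int i = 0; i < NQ; i++)      /* device unregister releases current qdiscs */
        model_shutdown_queue(&d, i);
    return d.refcnt;
}

int main(void)
{
    printf("leaked without fix: %d, with fix: %d\n", model_leaked_refs(false), model_leaked_refs(true));
    return 0;
}
```

In the model, the references taken by queues 1 to 3 during the first pass are never dropped unless the queues are cleared before the fallback re-attach, which is why the device can never reach a zero count at unregister time.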

This report was generated using AI
