CVE-2026-23084
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
In the Linux kernel, a vulnerability was found in the be2net driver, involving a NULL pointer dereference in the be_cmd_get_mac_from_list function. The issue occurs when the function is called with pmac_id_valid set to false and pmac_id pointer set to NULL, leading to a write attempt at address NULL.
Risk Assessment
A local attacker could exploit this vulnerability to trigger a kernel panic or potentially escalate privileges, resulting in system denial of service or control compromise.
Recommendation
Immediately update the Linux kernel to a version containing the fix, which passes the address of a stub variable instead of a NULL pointer.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list When the parameter pmac_id_valid argument of be_cmd_get_mac_from_list() is set to false, the driver may request the PMAC_ID from the firmware of the network card, and this function will store that PMAC_ID at the provided address pmac_id. This is the contract of this function. However, there is a location within the driver where both pmac_id_valid == false and pmac_id == NULL are being passed. This could result in dereferencing a NULL pointer. To resolve this issue, it is necessary to pass the address of a stub variable to the function.

