CVE Catalog

CVE-2026-23084

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile - higher than 2% of all known CVEs

Summary

In the Linux kernel, a vulnerability was found in the be2net driver, involving a NULL pointer dereference in the be_cmd_get_mac_from_list function. The issue occurs when the function is called with pmac_id_valid set to false and pmac_id pointer set to NULL, leading to a write attempt at address NULL.

Risk Assessment

A local attacker could exploit this vulnerability to trigger a kernel panic or potentially escalate privileges, resulting in system denial of service or control compromise.

Recommendation

Immediately update the Linux kernel to a version containing the fix, which passes the address of a stub variable instead of a NULL pointer.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list When the parameter pmac_id_valid argument of be_cmd_get_mac_from_list() is set to false, the driver may request the PMAC_ID from the firmware of the network card, and this function will store that PMAC_ID at the provided address pmac_id. This is the contract of this function. However, there is a location within the driver where both pmac_id_valid == false and pmac_id == NULL are being passed. This could result in dereferencing a NULL pointer. To resolve this issue, it is necessary to pass the address of a stub variable to the function.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS