CVE-2026-23084 — NULL Pointer Dereference in Linux
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 95.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedFeb 4
Latest updateApr 17
Description
In the Linux kernel, the following vulnerability has been resolved:
be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list
When the parameter pmac_id_valid argument of be_cmd_get_mac_from_list() is
set to false, the driver may request the PMAC_ID from the firmware of the
network card, and this function will store that PMAC_ID at the provided
address pmac_id. This is the contract of this function.
However, there is a location within the driver where both
pmac_id_valid == false and pm…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages12 packages
▶CVEListV5linux/linux95046b927a54f461766f83a212c6a93bc5fd2e67 — 4cba480c9b9a3861a515262225cb53a1f5978344+7
Patches
🔴Vulnerability Details
2OSV▶
CVE-2026-23084: In the Linux kernel, the following vulnerability has been resolved: be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list When the paramete↗2026-02-04
GHSA▶
GHSA-2j82-cf92-x9qh: In the Linux kernel, the following vulnerability has been resolved:
be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list
When the parame↗2026-02-04