CVE-2026-23166
Severity
5.5MEDIUM
EPSS
0.0%
top 96.99%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedFeb 14
Latest updateApr 13
Description
In the Linux kernel, the following vulnerability has been resolved:
ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues
Add NULL pointer checks in ice_vsi_set_napi_queues() to prevent crashes
during resume from suspend when rings[q_idx]->q_vector is NULL.
Tested adaptor:
60:00.0 Ethernet controller [0200]: Intel Corporation Ethernet Controller E810-XXV for SFP [8086:159b] (rev 02)
Subsystem: Intel Corporation Ethernet Network Adapter E810-XXV-2 [8086:4003]
SR-IOV state: both disable…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages3 packages
▶CVEListV5linux/linux2a5dc090b92cfa5270e20056074241c6db5c9cdd — d75c7b7c3c2b8e3569043099e6bdcefc983856c5+4
Patches
🔴Vulnerability Details
4VulDB▶
Linux Kernel up to 6.12.68/6.18.8 ice ice_vsi_set_napi_queues null pointer dereference (Nessus ID 299215 / WID-SEC-2026-0421)↗2026-04-13
GHSA▶
GHSA-5p9c-24w4-pq6q: In the Linux kernel, the following vulnerability has been resolved:
ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues
Add NULL pointer ch↗2026-02-14
OSV▶
CVE-2026-23166: In the Linux kernel, the following vulnerability has been resolved: ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues Add NULL pointer chec↗2026-02-14