CVE-2026-23237

CWE-476NULL Pointer Dereference8 documents8 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 99.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Linux LinuxLinux Linux Kernel
Timeline
PublishedMar 4
Latest updateMar 10

Description

In the Linux kernel, the following vulnerability has been resolved: platform/x86: classmate-laptop: Add missing NULL pointer checks In a few places in the Classmate laptop driver, code using the accel object may run before that object's address is stored in the driver data of the input device using it. For example, cmpc_accel_sensitivity_store_v4() is the "show" method of cmpc_accel_sensitivity_attr_v4 which is added in cmpc_accel_add_v4(), before calling dev_set_drvdata() for inputdev->dev.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel2.6.33.15.10.251+7
CVEListV5linux/linux529aa8cb0a59367d08883f818e8c47028e819d0d993708fc18d0d0919db438361b4e8c1f980a8d1b+7
Debianlinux< 5.10.251-1+3
Debianlinux-6.1< 6.1.164-1~deb11u1

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
OSV
CVE-2026-23237: In the Linux kernel, the following vulnerability has been resolved: platform/x86: classmate-laptop: Add missing NULL pointer checks In a few places in2026-03-04
CVEList
platform/x86: classmate-laptop: Add missing NULL pointer checks2026-03-04
GHSA
GHSA-9438-9qfw-m4v5: In the Linux kernel, the following vulnerability has been resolved: platform/x86: classmate-laptop: Add missing NULL pointer checks In a few places2026-03-04

📋Vendor Advisories

3
Microsoft
platform/x86: classmate-laptop: Add missing NULL pointer checks2026-03-10
Red Hat
kernel: platform/x86: classmate-laptop: Add missing NULL pointer checks2026-03-04
Debian
CVE-2026-23237: linux - In the Linux kernel, the following vulnerability has been resolved: platform/x8...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23237 Impact, Exploitability, and Mitigation Steps | Wiz