CVE-2026-23328 — NULL Pointer Dereference in Linux

CWE-476 — NULL Pointer Dereference7 documents6 sources

Severity

5.3MEDIUM

No vector

EPSS

0.0%

top 93.52%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix NULL pointer dereference of mgmt_chann mgmt_chann may be set to NULL if the firmware returns an unexpected error in aie2_send_mgmt_msg_wait(). This can later lead to a NULL pointer dereference in aie2_hw_stop(). Fix this by introducing a dedicated helper to destroy mgmt_chann and by adding proper NULL checks before accessing it.

Affected Packages4 packages

▶Linuxlinux/linux_kernel6.14.0 — 6.19.7

▶Debianlinux/linux_kernel< 6.19.8-1

▶CVEListV5linux/linuxb87f920b934426a24d54613f12ed67c03ae05024 — 032ca7a9059c4ba6c329e0f1b442dab54dd9c3e5+2

▶debiandebian/linux< linux 6.19.8-1 (forky)

🔴Vulnerability Details

OSV

accel/amdxdna: Fix NULL pointer dereference of mgmt_chann↗2026-03-25

▶

GHSA

GHSA-j57x-5h9f-j263: In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix NULL pointer dereference of mgmt_chann mgmt_chann may be set↗2026-03-25

▶

OSV

CVE-2026-23328: In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix NULL pointer dereference of mgmt_chann mgmt_chann may be set to↗2026-03-25

▶

📋Vendor Advisories

Red Hat

kernel: accel/amdxdna: Fix NULL pointer dereference of mgmt_chann↗2026-03-25

▶

Debian

CVE-2026-23328: linux - In the Linux kernel, the following vulnerability has been resolved: accel/amdxd...↗2026

▶

🕵️Threat Intelligence

Wiz

CVE-2026-23328 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶