CVE-2026-23433NULL Pointer Dereference in Linux

CWE-476NULL Pointer Dereference7 documents7 sources
Severity
5.3MEDIUM
No vector
EPSS
0.0%
top 93.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
LinuxLinux Kernel
Timeline
PublishedApr 3

Description

In the Linux kernel, the following vulnerability has been resolved: arm_mpam: Fix null pointer dereference when restoring bandwidth counters When an MSC supporting memory bandwidth monitoring is brought offline and then online, mpam_restore_mbwu_state() calls __ris_msmon_read() via ipi to restore the configuration of the bandwidth counters. It doesn't care about the value read, mbwu_arg.val, and doesn't set it leading to a null pointer dereference when __ris_msmon_read() adds to it. This resul

Affected Packages2 packages

Debianlinux/linux_kernel< 6.19.10-1
CVEListV5linux/linux41e8a14950e1732af51cfec8fa09f8ded02a5ca9ac3e12bc195786d3d44d730b5b2259fd36191848+2

🔴Vulnerability Details

3
GHSA
GHSA-vqqw-285r-pw6x: In the Linux kernel, the following vulnerability has been resolved: arm_mpam: Fix null pointer dereference when restoring bandwidth counters When an2026-04-03
CVEList
arm_mpam: Fix null pointer dereference when restoring bandwidth counters2026-04-03
OSV
CVE-2026-23433: In the Linux kernel, the following vulnerability has been resolved: arm_mpam: Fix null pointer dereference when restoring bandwidth counters When an M2026-04-03

📋Vendor Advisories

2
Red Hat
kernel: arm_mpam: Fix null pointer dereference when restoring bandwidth counters2026-04-03
Debian
CVE-2026-23433: linux - In the Linux kernel, the following vulnerability has been resolved: arm_mpam: F...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23433 Impact, Exploitability, and Mitigation Steps | Wiz