CVE-2026-23084

MEDIUM EPSS 2.4%
Published Feb 4, 20264mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Feb 4, 2026 4mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list When the parameter pmac_id_valid argument of be_cmd_get_mac_from_list() is set to false, the driver may request the PMAC_ID from the firmware of the network card, and this function will store that PMAC_ID at the provided address pmac_id. This is the contract of this function. However, there is a location within the driver where both pmac_id_valid == false and pmac_id == NULL are being passed. This could result in dereferencing a NULL pointer. To resolve this issue, it is necessary to pass the address of a stub variable to the function.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 12

VendorProductVersionRange
linuxlinux_kernel*≥3.12  –  <5.10.249
linuxlinux_kernel*≥5.11  –  <5.15.199
linuxlinux_kernel*≥5.16  –  <6.1.162
linuxlinux_kernel*≥6.2  –  <6.6.122
linuxlinux_kernel*≥6.7  –  <6.12.68
linuxlinux_kernel*≥6.13  –  <6.18.8
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any

References 7

  • git.kernel.org https://git.kernel.org/stable/c/31410a01a86bcb98c798d01061abf1f789c4f75a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/47ffb4dcffe336f4a7bd0f3284be7aadc6484698
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4cba480c9b9a3861a515262225cb53a1f5978344
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6c3e00888dbec887125a08b51a705b9b163fcdd1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8215794403d264739cc676668087512950b2ff31
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/92c6dc181a18e6e0ddb872ed35cb48a9274829e4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e206fb415db36bad52bb90c08d46ce71ffbe8a80
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/31410a01a86bcb98c798d01061abf1f789c4f75a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/47ffb4dcffe336f4a7bd0f3284be7aadc6484698
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4cba480c9b9a3861a515262225cb53a1f5978344
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6c3e00888dbec887125a08b51a705b9b163fcdd1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8215794403d264739cc676668087512950b2ff31
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/92c6dc181a18e6e0ddb872ed35cb48a9274829e4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e206fb415db36bad52bb90c08d46ce71ffbe8a80
    Patch