Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-23041 (GCVE-0-2026-23041)
Vulnerability from cvelistv5 – Published: 2026-02-04 16:00 – Updated: 2026-02-09 08:37
VLAI?
EPSS
Title
bnxt_en: Fix NULL pointer crash in bnxt_ptp_enable during error cleanup
Summary
In the Linux kernel, the following vulnerability has been resolved:
bnxt_en: Fix NULL pointer crash in bnxt_ptp_enable during error cleanup
When bnxt_init_one() fails during initialization (e.g.,
bnxt_init_int_mode returns -ENODEV), the error path calls
bnxt_free_hwrm_resources() which destroys the DMA pool and sets
bp->hwrm_dma_pool to NULL. Subsequently, bnxt_ptp_clear() is called,
which invokes ptp_clock_unregister().
Since commit a60fc3294a37 ("ptp: rework ptp_clock_unregister() to
disable events"), ptp_clock_unregister() now calls
ptp_disable_all_events(), which in turn invokes the driver's .enable()
callback (bnxt_ptp_enable()) to disable PTP events before completing the
unregistration.
bnxt_ptp_enable() attempts to send HWRM commands via bnxt_ptp_cfg_pin()
and bnxt_ptp_cfg_event(), both of which call hwrm_req_init(). This
function tries to allocate from bp->hwrm_dma_pool, causing a NULL
pointer dereference:
bnxt_en 0000:01:00.0 (unnamed net_device) (uninitialized): bnxt_init_int_mode err: ffffffed
KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]
Call Trace:
__hwrm_req_init (drivers/net/ethernet/broadcom/bnxt/bnxt_hwrm.c:72)
bnxt_ptp_enable (drivers/net/ethernet/broadcom/bnxt/bnxt_ptp.c:323 drivers/net/ethernet/broadcom/bnxt/bnxt_ptp.c:517)
ptp_disable_all_events (drivers/ptp/ptp_chardev.c:66)
ptp_clock_unregister (drivers/ptp/ptp_clock.c:518)
bnxt_ptp_clear (drivers/net/ethernet/broadcom/bnxt/bnxt_ptp.c:1134)
bnxt_init_one (drivers/net/ethernet/broadcom/bnxt/bnxt.c:16889)
Lines are against commit f8f9c1f4d0c7 ("Linux 6.19-rc3")
Fix this by clearing and unregistering ptp (bnxt_ptp_clear()) before
freeing HWRM resources.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/broadcom/bnxt/bnxt.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "0174d5466caefc22f03a36c43b2a3cce7e332627",
"status": "affected",
"version": "a60fc3294a377204664b5484e4a487fa124155da",
"versionType": "git"
},
{
"lessThan": "3358995b1a7f9dcb52a56ec8251570d71024dad0",
"status": "affected",
"version": "a60fc3294a377204664b5484e4a487fa124155da",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/broadcom/bnxt/bnxt.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.18"
},
{
"lessThan": "6.18",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.18.*",
"status": "unaffected",
"version": "6.18.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.19",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.18.6",
"versionStartIncluding": "6.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.19",
"versionStartIncluding": "6.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix NULL pointer crash in bnxt_ptp_enable during error cleanup\n\nWhen bnxt_init_one() fails during initialization (e.g.,\nbnxt_init_int_mode returns -ENODEV), the error path calls\nbnxt_free_hwrm_resources() which destroys the DMA pool and sets\nbp-\u003ehwrm_dma_pool to NULL. Subsequently, bnxt_ptp_clear() is called,\nwhich invokes ptp_clock_unregister().\n\nSince commit a60fc3294a37 (\"ptp: rework ptp_clock_unregister() to\ndisable events\"), ptp_clock_unregister() now calls\nptp_disable_all_events(), which in turn invokes the driver\u0027s .enable()\ncallback (bnxt_ptp_enable()) to disable PTP events before completing the\nunregistration.\n\nbnxt_ptp_enable() attempts to send HWRM commands via bnxt_ptp_cfg_pin()\nand bnxt_ptp_cfg_event(), both of which call hwrm_req_init(). This\nfunction tries to allocate from bp-\u003ehwrm_dma_pool, causing a NULL\npointer dereference:\n\n bnxt_en 0000:01:00.0 (unnamed net_device) (uninitialized): bnxt_init_int_mode err: ffffffed\n KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]\n Call Trace:\n __hwrm_req_init (drivers/net/ethernet/broadcom/bnxt/bnxt_hwrm.c:72)\n bnxt_ptp_enable (drivers/net/ethernet/broadcom/bnxt/bnxt_ptp.c:323 drivers/net/ethernet/broadcom/bnxt/bnxt_ptp.c:517)\n ptp_disable_all_events (drivers/ptp/ptp_chardev.c:66)\n ptp_clock_unregister (drivers/ptp/ptp_clock.c:518)\n bnxt_ptp_clear (drivers/net/ethernet/broadcom/bnxt/bnxt_ptp.c:1134)\n bnxt_init_one (drivers/net/ethernet/broadcom/bnxt/bnxt.c:16889)\n\nLines are against commit f8f9c1f4d0c7 (\"Linux 6.19-rc3\")\n\nFix this by clearing and unregistering ptp (bnxt_ptp_clear()) before\nfreeing HWRM resources."
}
],
"providerMetadata": {
"dateUpdated": "2026-02-09T08:37:36.153Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/0174d5466caefc22f03a36c43b2a3cce7e332627"
},
{
"url": "https://git.kernel.org/stable/c/3358995b1a7f9dcb52a56ec8251570d71024dad0"
}
],
"title": "bnxt_en: Fix NULL pointer crash in bnxt_ptp_enable during error cleanup",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2026-23041",
"datePublished": "2026-02-04T16:00:24.710Z",
"dateReserved": "2026-01-13T15:37:45.944Z",
"dateUpdated": "2026-02-09T08:37:36.153Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2026-23041\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-02-04T16:16:19.563\",\"lastModified\":\"2026-02-04T16:33:44.537\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nbnxt_en: Fix NULL pointer crash in bnxt_ptp_enable during error cleanup\\n\\nWhen bnxt_init_one() fails during initialization (e.g.,\\nbnxt_init_int_mode returns -ENODEV), the error path calls\\nbnxt_free_hwrm_resources() which destroys the DMA pool and sets\\nbp-\u003ehwrm_dma_pool to NULL. Subsequently, bnxt_ptp_clear() is called,\\nwhich invokes ptp_clock_unregister().\\n\\nSince commit a60fc3294a37 (\\\"ptp: rework ptp_clock_unregister() to\\ndisable events\\\"), ptp_clock_unregister() now calls\\nptp_disable_all_events(), which in turn invokes the driver\u0027s .enable()\\ncallback (bnxt_ptp_enable()) to disable PTP events before completing the\\nunregistration.\\n\\nbnxt_ptp_enable() attempts to send HWRM commands via bnxt_ptp_cfg_pin()\\nand bnxt_ptp_cfg_event(), both of which call hwrm_req_init(). This\\nfunction tries to allocate from bp-\u003ehwrm_dma_pool, causing a NULL\\npointer dereference:\\n\\n bnxt_en 0000:01:00.0 (unnamed net_device) (uninitialized): bnxt_init_int_mode err: ffffffed\\n KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]\\n Call Trace:\\n __hwrm_req_init (drivers/net/ethernet/broadcom/bnxt/bnxt_hwrm.c:72)\\n bnxt_ptp_enable (drivers/net/ethernet/broadcom/bnxt/bnxt_ptp.c:323 drivers/net/ethernet/broadcom/bnxt/bnxt_ptp.c:517)\\n ptp_disable_all_events (drivers/ptp/ptp_chardev.c:66)\\n ptp_clock_unregister (drivers/ptp/ptp_clock.c:518)\\n bnxt_ptp_clear (drivers/net/ethernet/broadcom/bnxt/bnxt_ptp.c:1134)\\n bnxt_init_one (drivers/net/ethernet/broadcom/bnxt/bnxt.c:16889)\\n\\nLines are against commit f8f9c1f4d0c7 (\\\"Linux 6.19-rc3\\\")\\n\\nFix this by clearing and unregistering ptp (bnxt_ptp_clear()) before\\nfreeing HWRM resources.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/0174d5466caefc22f03a36c43b2a3cce7e332627\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/3358995b1a7f9dcb52a56ec8251570d71024dad0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
GHSA-F2R6-XF7J-HXVF
Vulnerability from github – Published: 2026-02-04 18:30 – Updated: 2026-02-04 18:30
VLAI?
Details
In the Linux kernel, the following vulnerability has been resolved:
bnxt_en: Fix NULL pointer crash in bnxt_ptp_enable during error cleanup
When bnxt_init_one() fails during initialization (e.g., bnxt_init_int_mode returns -ENODEV), the error path calls bnxt_free_hwrm_resources() which destroys the DMA pool and sets bp->hwrm_dma_pool to NULL. Subsequently, bnxt_ptp_clear() is called, which invokes ptp_clock_unregister().
Since commit a60fc3294a37 ("ptp: rework ptp_clock_unregister() to disable events"), ptp_clock_unregister() now calls ptp_disable_all_events(), which in turn invokes the driver's .enable() callback (bnxt_ptp_enable()) to disable PTP events before completing the unregistration.
bnxt_ptp_enable() attempts to send HWRM commands via bnxt_ptp_cfg_pin() and bnxt_ptp_cfg_event(), both of which call hwrm_req_init(). This function tries to allocate from bp->hwrm_dma_pool, causing a NULL pointer dereference:
bnxt_en 0000:01:00.0 (unnamed net_device) (uninitialized): bnxt_init_int_mode err: ffffffed KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f] Call Trace: __hwrm_req_init (drivers/net/ethernet/broadcom/bnxt/bnxt_hwrm.c:72) bnxt_ptp_enable (drivers/net/ethernet/broadcom/bnxt/bnxt_ptp.c:323 drivers/net/ethernet/broadcom/bnxt/bnxt_ptp.c:517) ptp_disable_all_events (drivers/ptp/ptp_chardev.c:66) ptp_clock_unregister (drivers/ptp/ptp_clock.c:518) bnxt_ptp_clear (drivers/net/ethernet/broadcom/bnxt/bnxt_ptp.c:1134) bnxt_init_one (drivers/net/ethernet/broadcom/bnxt/bnxt.c:16889)
Lines are against commit f8f9c1f4d0c7 ("Linux 6.19-rc3")
Fix this by clearing and unregistering ptp (bnxt_ptp_clear()) before freeing HWRM resources.
{
"affected": [],
"aliases": [
"CVE-2026-23041"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-04T16:16:19Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix NULL pointer crash in bnxt_ptp_enable during error cleanup\n\nWhen bnxt_init_one() fails during initialization (e.g.,\nbnxt_init_int_mode returns -ENODEV), the error path calls\nbnxt_free_hwrm_resources() which destroys the DMA pool and sets\nbp-\u003ehwrm_dma_pool to NULL. Subsequently, bnxt_ptp_clear() is called,\nwhich invokes ptp_clock_unregister().\n\nSince commit a60fc3294a37 (\"ptp: rework ptp_clock_unregister() to\ndisable events\"), ptp_clock_unregister() now calls\nptp_disable_all_events(), which in turn invokes the driver\u0027s .enable()\ncallback (bnxt_ptp_enable()) to disable PTP events before completing the\nunregistration.\n\nbnxt_ptp_enable() attempts to send HWRM commands via bnxt_ptp_cfg_pin()\nand bnxt_ptp_cfg_event(), both of which call hwrm_req_init(). This\nfunction tries to allocate from bp-\u003ehwrm_dma_pool, causing a NULL\npointer dereference:\n\n bnxt_en 0000:01:00.0 (unnamed net_device) (uninitialized): bnxt_init_int_mode err: ffffffed\n KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]\n Call Trace:\n __hwrm_req_init (drivers/net/ethernet/broadcom/bnxt/bnxt_hwrm.c:72)\n bnxt_ptp_enable (drivers/net/ethernet/broadcom/bnxt/bnxt_ptp.c:323 drivers/net/ethernet/broadcom/bnxt/bnxt_ptp.c:517)\n ptp_disable_all_events (drivers/ptp/ptp_chardev.c:66)\n ptp_clock_unregister (drivers/ptp/ptp_clock.c:518)\n bnxt_ptp_clear (drivers/net/ethernet/broadcom/bnxt/bnxt_ptp.c:1134)\n bnxt_init_one (drivers/net/ethernet/broadcom/bnxt/bnxt.c:16889)\n\nLines are against commit f8f9c1f4d0c7 (\"Linux 6.19-rc3\")\n\nFix this by clearing and unregistering ptp (bnxt_ptp_clear()) before\nfreeing HWRM resources.",
"id": "GHSA-f2r6-xf7j-hxvf",
"modified": "2026-02-04T18:30:41Z",
"published": "2026-02-04T18:30:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23041"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0174d5466caefc22f03a36c43b2a3cce7e332627"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3358995b1a7f9dcb52a56ec8251570d71024dad0"
}
],
"schema_version": "1.4.0",
"severity": []
}
WID-SEC-W-2026-0324
Vulnerability from csaf_certbund - Published: 2026-02-04 23:00 - Updated: 2026-03-08 23:00Summary
Linux Kernel: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff: Ein Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um nicht näher spezifizierte Angriffe durchzuführen, die möglicherweise zu einer Denial-of-Service- Bedingung führen oder eine Speicherbeschädigung verursachen können.
Betroffene Betriebssysteme: - Linux
References
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um nicht n\u00e4her spezifizierte Angriffe durchzuf\u00fchren, die m\u00f6glicherweise zu einer Denial-of-Service- Bedingung f\u00fchren oder eine Speicherbesch\u00e4digung verursachen k\u00f6nnen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0324 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0324.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0324 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0324"
},
{
"category": "external",
"summary": "Kernel CVE Announce Mailingliste",
"url": "https://lore.kernel.org/linux-cve-announce/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71192",
"url": "https://lore.kernel.org/linux-cve-announce/2026020438-CVE-2025-71192-3370@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71193",
"url": "https://lore.kernel.org/linux-cve-announce/2026020439-CVE-2025-71193-288d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71194",
"url": "https://lore.kernel.org/linux-cve-announce/2026020448-CVE-2025-71194-1108@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71195",
"url": "https://lore.kernel.org/linux-cve-announce/2026020449-CVE-2025-71195-8c0c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71196",
"url": "https://lore.kernel.org/linux-cve-announce/2026020449-CVE-2025-71196-cf4b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71197",
"url": "https://lore.kernel.org/linux-cve-announce/2026020412-CVE-2025-71197-cfe2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71198",
"url": "https://lore.kernel.org/linux-cve-announce/2026020412-CVE-2025-71198-3572@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-71199",
"url": "https://lore.kernel.org/linux-cve-announce/2026020412-CVE-2025-71199-9a60@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23040",
"url": "https://lore.kernel.org/linux-cve-announce/2026020438-CVE-2026-23040-1980@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23041",
"url": "https://lore.kernel.org/linux-cve-announce/2026020438-CVE-2026-23041-a426@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23042",
"url": "https://lore.kernel.org/linux-cve-announce/2026020439-CVE-2026-23042-ce47@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23043",
"url": "https://lore.kernel.org/linux-cve-announce/2026020439-CVE-2026-23043-4975@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23044",
"url": "https://lore.kernel.org/linux-cve-announce/2026020439-CVE-2026-23044-3312@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23045",
"url": "https://lore.kernel.org/linux-cve-announce/2026020440-CVE-2026-23045-103a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23046",
"url": "https://lore.kernel.org/linux-cve-announce/2026020440-CVE-2026-23046-8bdb@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23047",
"url": "https://lore.kernel.org/linux-cve-announce/2026020440-CVE-2026-23047-38d4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23048",
"url": "https://lore.kernel.org/linux-cve-announce/2026020441-CVE-2026-23048-f1cc@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23049",
"url": "https://lore.kernel.org/linux-cve-announce/2026020449-CVE-2026-23049-9298@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23050",
"url": "https://lore.kernel.org/linux-cve-announce/2026020450-CVE-2026-23050-378c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23051",
"url": "https://lore.kernel.org/linux-cve-announce/2026020450-CVE-2026-23051-7ad8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23052",
"url": "https://lore.kernel.org/linux-cve-announce/2026020450-CVE-2026-23052-340f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23053",
"url": "https://lore.kernel.org/linux-cve-announce/2026020451-CVE-2026-23053-f630@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23054",
"url": "https://lore.kernel.org/linux-cve-announce/2026020451-CVE-2026-23054-3712@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23055",
"url": "https://lore.kernel.org/linux-cve-announce/2026020451-CVE-2026-23055-3f25@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23056",
"url": "https://lore.kernel.org/linux-cve-announce/2026020413-CVE-2026-23056-ddc8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23057",
"url": "https://lore.kernel.org/linux-cve-announce/2026020413-CVE-2026-23057-03eb@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23058",
"url": "https://lore.kernel.org/linux-cve-announce/2026020414-CVE-2026-23058-802c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23059",
"url": "https://lore.kernel.org/linux-cve-announce/2026020414-CVE-2026-23059-152f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23060",
"url": "https://lore.kernel.org/linux-cve-announce/2026020414-CVE-2026-23060-6a41@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23061",
"url": "https://lore.kernel.org/linux-cve-announce/2026020415-CVE-2026-23061-31be@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23062",
"url": "https://lore.kernel.org/linux-cve-announce/2026020415-CVE-2026-23062-991d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23063",
"url": "https://lore.kernel.org/linux-cve-announce/2026020415-CVE-2026-23063-d727@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23064",
"url": "https://lore.kernel.org/linux-cve-announce/2026020416-CVE-2026-23064-8eec@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23065",
"url": "https://lore.kernel.org/linux-cve-announce/2026020416-CVE-2026-23065-f6ae@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23066",
"url": "https://lore.kernel.org/linux-cve-announce/2026020416-CVE-2026-23066-8e44@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23067",
"url": "https://lore.kernel.org/linux-cve-announce/2026020417-CVE-2026-23067-b41f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23068",
"url": "https://lore.kernel.org/linux-cve-announce/2026020417-CVE-2026-23068-0852@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23069",
"url": "https://lore.kernel.org/linux-cve-announce/2026020417-CVE-2026-23069-d026@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23070",
"url": "https://lore.kernel.org/linux-cve-announce/2026020418-CVE-2026-23070-2fcd@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23071",
"url": "https://lore.kernel.org/linux-cve-announce/2026020418-CVE-2026-23071-675b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23072",
"url": "https://lore.kernel.org/linux-cve-announce/2026020418-CVE-2026-23072-916e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23073",
"url": "https://lore.kernel.org/linux-cve-announce/2026020419-CVE-2026-23073-9fce@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23074",
"url": "https://lore.kernel.org/linux-cve-announce/2026020419-CVE-2026-23074-6bb8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23075",
"url": "https://lore.kernel.org/linux-cve-announce/2026020419-CVE-2026-23075-0aef@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23076",
"url": "https://lore.kernel.org/linux-cve-announce/2026020420-CVE-2026-23076-b054@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23077",
"url": "https://lore.kernel.org/linux-cve-announce/2026020420-CVE-2026-23077-6880@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23078",
"url": "https://lore.kernel.org/linux-cve-announce/2026020420-CVE-2026-23078-61cc@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23079",
"url": "https://lore.kernel.org/linux-cve-announce/2026020421-CVE-2026-23079-bb7e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23080",
"url": "https://lore.kernel.org/linux-cve-announce/2026020421-CVE-2026-23080-74d1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23081",
"url": "https://lore.kernel.org/linux-cve-announce/2026020421-CVE-2026-23081-5494@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23082",
"url": "https://lore.kernel.org/linux-cve-announce/2026020422-CVE-2026-23082-7bc8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23083",
"url": "https://lore.kernel.org/linux-cve-announce/2026020422-CVE-2026-23083-8968@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23084",
"url": "https://lore.kernel.org/linux-cve-announce/2026020422-CVE-2026-23084-8073@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23085",
"url": "https://lore.kernel.org/linux-cve-announce/2026020423-CVE-2026-23085-14e2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23086",
"url": "https://lore.kernel.org/linux-cve-announce/2026020423-CVE-2026-23086-9ad9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23087",
"url": "https://lore.kernel.org/linux-cve-announce/2026020423-CVE-2026-23087-f17e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23088",
"url": "https://lore.kernel.org/linux-cve-announce/2026020424-CVE-2026-23088-e0da@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23089",
"url": "https://lore.kernel.org/linux-cve-announce/2026020424-CVE-2026-23089-760f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23090",
"url": "https://lore.kernel.org/linux-cve-announce/2026020425-CVE-2026-23090-2971@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23091",
"url": "https://lore.kernel.org/linux-cve-announce/2026020425-CVE-2026-23091-4580@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23092",
"url": "https://lore.kernel.org/linux-cve-announce/2026020425-CVE-2026-23092-fc15@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23093",
"url": "https://lore.kernel.org/linux-cve-announce/2026020426-CVE-2026-23093-db0d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23094",
"url": "https://lore.kernel.org/linux-cve-announce/2026020426-CVE-2026-23094-9cb7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23095",
"url": "https://lore.kernel.org/linux-cve-announce/2026020426-CVE-2026-23095-66e8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23096",
"url": "https://lore.kernel.org/linux-cve-announce/2026020427-CVE-2026-23096-e5af@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23097",
"url": "https://lore.kernel.org/linux-cve-announce/2026020427-CVE-2026-23097-a591@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23098",
"url": "https://lore.kernel.org/linux-cve-announce/2026020427-CVE-2026-23098-1fd2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23099",
"url": "https://lore.kernel.org/linux-cve-announce/2026020428-CVE-2026-23099-a393@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23100",
"url": "https://lore.kernel.org/linux-cve-announce/2026020428-CVE-2026-23100-b482@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23101",
"url": "https://lore.kernel.org/linux-cve-announce/2026020428-CVE-2026-23101-47e0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23102",
"url": "https://lore.kernel.org/linux-cve-announce/2026020429-CVE-2026-23102-bafe@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23103",
"url": "https://lore.kernel.org/linux-cve-announce/2026020429-CVE-2026-23103-63b3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23104",
"url": "https://lore.kernel.org/linux-cve-announce/2026020429-CVE-2026-23104-3802@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23105",
"url": "https://lore.kernel.org/linux-cve-announce/2026020430-CVE-2026-23105-1d6d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23106",
"url": "https://lore.kernel.org/linux-cve-announce/2026020430-CVE-2026-23106-3edb@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23107",
"url": "https://lore.kernel.org/linux-cve-announce/2026020430-CVE-2026-23107-50d8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23108",
"url": "https://lore.kernel.org/linux-cve-announce/2026020431-CVE-2026-23108-0550@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23109",
"url": "https://lore.kernel.org/linux-cve-announce/2026020431-CVE-2026-23109-3e57@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-23110",
"url": "https://lore.kernel.org/linux-cve-announce/2026020431-CVE-2026-23110-56b1@gregkh/"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6126 vom 2026-02-09",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00035.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6127 vom 2026-02-10",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00036.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4476 vom 2026-02-11",
"url": "https://lists.debian.org/debian-lts-announce/2026/02/msg00017.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4475 vom 2026-02-11",
"url": "https://lists.debian.org/debian-lts-announce/2026/02/msg00016.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.10-2026-113 vom 2026-02-19",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.10-2026-113.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3083 vom 2026-02-23",
"url": "https://access.redhat.com/errata/RHSA-2026:3083"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3110 vom 2026-02-23",
"url": "https://access.redhat.com/errata/RHSA-2026:3110"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3277 vom 2026-02-25",
"url": "https://access.redhat.com/errata/RHSA-2026:3277"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0617-1 vom 2026-02-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024378.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3268 vom 2026-02-25",
"url": "https://access.redhat.com/errata/RHSA-2026:3268"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-3083 vom 2026-02-25",
"url": "https://linux.oracle.com/errata/ELSA-2026-3083.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3360 vom 2026-02-25",
"url": "https://access.redhat.com/errata/RHSA-2026:3360"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3388 vom 2026-02-26",
"url": "https://access.redhat.com/errata/RHSA-2026:3388"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3463 vom 2026-03-02",
"url": "https://access.redhat.com/errata/RHSA-2026:3463"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3488 vom 2026-03-02",
"url": "https://access.redhat.com/errata/RHSA-2026:3488"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3464 vom 2026-03-02",
"url": "https://access.redhat.com/errata/RHSA-2026:3464"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-3488 vom 2026-03-02",
"url": "https://linux.oracle.com/errata/ELSA-2026-3488.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-3464 vom 2026-03-03",
"url": "https://linux.oracle.com/errata/ELSA-2026-3464.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3634 vom 2026-03-03",
"url": "https://access.redhat.com/errata/RHSA-2026:3634"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:3464 vom 2026-03-04",
"url": "https://errata.build.resf.org/RLSA-2026:3464"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:3463 vom 2026-03-04",
"url": "https://errata.build.resf.org/RLSA-2026:3463"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3810 vom 2026-03-05",
"url": "https://access.redhat.com/errata/RHSA-2026:3810"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:3488 vom 2026-03-05",
"url": "https://errata.build.resf.org/RLSA-2026:3488"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.15-2026-098 vom 2026-03-06",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.15-2026-098.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:4012 vom 2026-03-09",
"url": "https://access.redhat.com/errata/RHSA-2026:4012"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-03-08T23:00:00.000+00:00",
"generator": {
"date": "2026-03-09T10:37:00.414+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0324",
"initial_release_date": "2026-02-04T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-02-04T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-02-09T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2026-02-11T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2026-02-18T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2026-02-23T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-02-24T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat und SUSE aufgenommen"
},
{
"date": "2026-02-25T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-03-01T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-03-02T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-03-03T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2026-03-04T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-03-05T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2026-03-08T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "13"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "T050562",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-71192",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2025-71192"
},
{
"cve": "CVE-2025-71193",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2025-71193"
},
{
"cve": "CVE-2025-71194",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2025-71194"
},
{
"cve": "CVE-2025-71195",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2025-71195"
},
{
"cve": "CVE-2025-71196",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2025-71196"
},
{
"cve": "CVE-2025-71197",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2025-71197"
},
{
"cve": "CVE-2025-71198",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2025-71198"
},
{
"cve": "CVE-2025-71199",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2025-71199"
},
{
"cve": "CVE-2026-23040",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23040"
},
{
"cve": "CVE-2026-23041",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23041"
},
{
"cve": "CVE-2026-23042",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23042"
},
{
"cve": "CVE-2026-23043",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23043"
},
{
"cve": "CVE-2026-23044",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23044"
},
{
"cve": "CVE-2026-23045",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23045"
},
{
"cve": "CVE-2026-23046",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23046"
},
{
"cve": "CVE-2026-23047",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23047"
},
{
"cve": "CVE-2026-23048",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23048"
},
{
"cve": "CVE-2026-23049",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23049"
},
{
"cve": "CVE-2026-23050",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23050"
},
{
"cve": "CVE-2026-23051",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23051"
},
{
"cve": "CVE-2026-23052",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23052"
},
{
"cve": "CVE-2026-23053",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23053"
},
{
"cve": "CVE-2026-23054",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23054"
},
{
"cve": "CVE-2026-23055",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23055"
},
{
"cve": "CVE-2026-23056",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23056"
},
{
"cve": "CVE-2026-23057",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23057"
},
{
"cve": "CVE-2026-23058",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23058"
},
{
"cve": "CVE-2026-23059",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23059"
},
{
"cve": "CVE-2026-23060",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23060"
},
{
"cve": "CVE-2026-23061",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23061"
},
{
"cve": "CVE-2026-23062",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23062"
},
{
"cve": "CVE-2026-23063",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23063"
},
{
"cve": "CVE-2026-23064",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23064"
},
{
"cve": "CVE-2026-23065",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23065"
},
{
"cve": "CVE-2026-23066",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23066"
},
{
"cve": "CVE-2026-23067",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23067"
},
{
"cve": "CVE-2026-23068",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23068"
},
{
"cve": "CVE-2026-23069",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23069"
},
{
"cve": "CVE-2026-23070",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23070"
},
{
"cve": "CVE-2026-23071",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23071"
},
{
"cve": "CVE-2026-23072",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23072"
},
{
"cve": "CVE-2026-23073",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23073"
},
{
"cve": "CVE-2026-23074",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23074"
},
{
"cve": "CVE-2026-23075",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23075"
},
{
"cve": "CVE-2026-23076",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23076"
},
{
"cve": "CVE-2026-23077",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23077"
},
{
"cve": "CVE-2026-23078",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23078"
},
{
"cve": "CVE-2026-23079",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23079"
},
{
"cve": "CVE-2026-23080",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23080"
},
{
"cve": "CVE-2026-23081",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23081"
},
{
"cve": "CVE-2026-23082",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23082"
},
{
"cve": "CVE-2026-23083",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23083"
},
{
"cve": "CVE-2026-23084",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23084"
},
{
"cve": "CVE-2026-23085",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23085"
},
{
"cve": "CVE-2026-23086",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23086"
},
{
"cve": "CVE-2026-23087",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23087"
},
{
"cve": "CVE-2026-23088",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23088"
},
{
"cve": "CVE-2026-23089",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23089"
},
{
"cve": "CVE-2026-23090",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23090"
},
{
"cve": "CVE-2026-23091",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23091"
},
{
"cve": "CVE-2026-23092",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23092"
},
{
"cve": "CVE-2026-23093",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23093"
},
{
"cve": "CVE-2026-23094",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23094"
},
{
"cve": "CVE-2026-23095",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23095"
},
{
"cve": "CVE-2026-23096",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23096"
},
{
"cve": "CVE-2026-23097",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23097"
},
{
"cve": "CVE-2026-23098",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23098"
},
{
"cve": "CVE-2026-23099",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23099"
},
{
"cve": "CVE-2026-23100",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23100"
},
{
"cve": "CVE-2026-23101",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23101"
},
{
"cve": "CVE-2026-23102",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23102"
},
{
"cve": "CVE-2026-23103",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23103"
},
{
"cve": "CVE-2026-23104",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23104"
},
{
"cve": "CVE-2026-23105",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23105"
},
{
"cve": "CVE-2026-23106",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23106"
},
{
"cve": "CVE-2026-23107",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23107"
},
{
"cve": "CVE-2026-23108",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23108"
},
{
"cve": "CVE-2026-23109",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23109"
},
{
"cve": "CVE-2026-23110",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255",
"T050562"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-23110"
}
]
}
FKIE_CVE-2026-23041
Vulnerability from fkie_nvd - Published: 2026-02-04 16:16 - Updated: 2026-02-04 16:33
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
bnxt_en: Fix NULL pointer crash in bnxt_ptp_enable during error cleanup
When bnxt_init_one() fails during initialization (e.g.,
bnxt_init_int_mode returns -ENODEV), the error path calls
bnxt_free_hwrm_resources() which destroys the DMA pool and sets
bp->hwrm_dma_pool to NULL. Subsequently, bnxt_ptp_clear() is called,
which invokes ptp_clock_unregister().
Since commit a60fc3294a37 ("ptp: rework ptp_clock_unregister() to
disable events"), ptp_clock_unregister() now calls
ptp_disable_all_events(), which in turn invokes the driver's .enable()
callback (bnxt_ptp_enable()) to disable PTP events before completing the
unregistration.
bnxt_ptp_enable() attempts to send HWRM commands via bnxt_ptp_cfg_pin()
and bnxt_ptp_cfg_event(), both of which call hwrm_req_init(). This
function tries to allocate from bp->hwrm_dma_pool, causing a NULL
pointer dereference:
bnxt_en 0000:01:00.0 (unnamed net_device) (uninitialized): bnxt_init_int_mode err: ffffffed
KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]
Call Trace:
__hwrm_req_init (drivers/net/ethernet/broadcom/bnxt/bnxt_hwrm.c:72)
bnxt_ptp_enable (drivers/net/ethernet/broadcom/bnxt/bnxt_ptp.c:323 drivers/net/ethernet/broadcom/bnxt/bnxt_ptp.c:517)
ptp_disable_all_events (drivers/ptp/ptp_chardev.c:66)
ptp_clock_unregister (drivers/ptp/ptp_clock.c:518)
bnxt_ptp_clear (drivers/net/ethernet/broadcom/bnxt/bnxt_ptp.c:1134)
bnxt_init_one (drivers/net/ethernet/broadcom/bnxt/bnxt.c:16889)
Lines are against commit f8f9c1f4d0c7 ("Linux 6.19-rc3")
Fix this by clearing and unregistering ptp (bnxt_ptp_clear()) before
freeing HWRM resources.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix NULL pointer crash in bnxt_ptp_enable during error cleanup\n\nWhen bnxt_init_one() fails during initialization (e.g.,\nbnxt_init_int_mode returns -ENODEV), the error path calls\nbnxt_free_hwrm_resources() which destroys the DMA pool and sets\nbp-\u003ehwrm_dma_pool to NULL. Subsequently, bnxt_ptp_clear() is called,\nwhich invokes ptp_clock_unregister().\n\nSince commit a60fc3294a37 (\"ptp: rework ptp_clock_unregister() to\ndisable events\"), ptp_clock_unregister() now calls\nptp_disable_all_events(), which in turn invokes the driver\u0027s .enable()\ncallback (bnxt_ptp_enable()) to disable PTP events before completing the\nunregistration.\n\nbnxt_ptp_enable() attempts to send HWRM commands via bnxt_ptp_cfg_pin()\nand bnxt_ptp_cfg_event(), both of which call hwrm_req_init(). This\nfunction tries to allocate from bp-\u003ehwrm_dma_pool, causing a NULL\npointer dereference:\n\n bnxt_en 0000:01:00.0 (unnamed net_device) (uninitialized): bnxt_init_int_mode err: ffffffed\n KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]\n Call Trace:\n __hwrm_req_init (drivers/net/ethernet/broadcom/bnxt/bnxt_hwrm.c:72)\n bnxt_ptp_enable (drivers/net/ethernet/broadcom/bnxt/bnxt_ptp.c:323 drivers/net/ethernet/broadcom/bnxt/bnxt_ptp.c:517)\n ptp_disable_all_events (drivers/ptp/ptp_chardev.c:66)\n ptp_clock_unregister (drivers/ptp/ptp_clock.c:518)\n bnxt_ptp_clear (drivers/net/ethernet/broadcom/bnxt/bnxt_ptp.c:1134)\n bnxt_init_one (drivers/net/ethernet/broadcom/bnxt/bnxt.c:16889)\n\nLines are against commit f8f9c1f4d0c7 (\"Linux 6.19-rc3\")\n\nFix this by clearing and unregistering ptp (bnxt_ptp_clear()) before\nfreeing HWRM resources."
},
{
"lang": "es",
"value": "En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nbnxt_en: Correcci\u00f3n de un fallo por puntero NULL en bnxt_ptp_enable durante la limpieza de errores\n\nCuando bnxt_init_one() falla durante la inicializaci\u00f3n (p. ej., bnxt_init_int_mode devuelve -ENODEV), la ruta de error llama a bnxt_free_hwrm_resources() que destruye el pool de DMA y establece bp-\u0026gt;hwrm_dma_pool a NULL. Posteriormente, se llama a bnxt_ptp_clear(), que invoca a ptp_clock_unregister().\n\nDesde el commit a60fc3294a37 (\u0027ptp: rework ptp_clock_unregister() to disable events\u0027), ptp_clock_unregister() ahora llama a ptp_disable_all_events(), que a su vez invoca la funci\u00f3n de callback .enable() del controlador (bnxt_ptp_enable()) para deshabilitar los eventos PTP antes de completar el desregistro.\n\nbnxt_ptp_enable() intenta enviar comandos HWRM a trav\u00e9s de bnxt_ptp_cfg_pin() y bnxt_ptp_cfg_event(), ambas llaman a hwrm_req_init(). Esta funci\u00f3n intenta asignar memoria de bp-\u0026gt;hwrm_dma_pool, causando una desreferencia de puntero NULL:\n\n bnxt_en 0000:01:00.0 (net_device sin nombre) (no inicializado): bnxt_init_int_mode err: ffffffed\n KASAN: desreferencia de puntero nulo en el rango [0x0000000000000028-0x000000000000002f]\n Traza de Llamadas:\n __hwrm_req_init (drivers/net/ethernet/broadcom/bnxt/bnxt_hwrm.c:72)\n bnxt_ptp_enable (drivers/net/ethernet/broadcom/bnxt/bnxt_ptp.c:323 drivers/net/ethernet/broadcom/bnxt/bnxt_ptp.c:517)\n ptp_disable_all_events (drivers/ptp/ptp_chardev.c:66)\n ptp_clock_unregister (drivers/ptp/ptp_clock.c:518)\n bnxt_ptp_clear (drivers/net/ethernet/broadcom/bnxt/bnxt_ptp.c:1134)\n bnxt_init_one (drivers/net/ethernet/broadcom/bnxt/bnxt.c:16889)\n\nLas l\u00edneas son contra el commit f8f9c1f4d0c7 (\u0027Linux 6.19-rc3\u0027)\n\nSolucione esto limpiando y desregistrando ptp (bnxt_ptp_clear()) antes de liberar los recursos HWRM."
}
],
"id": "CVE-2026-23041",
"lastModified": "2026-02-04T16:33:44.537",
"metrics": {},
"published": "2026-02-04T16:16:19.563",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/0174d5466caefc22f03a36c43b2a3cce7e332627"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/3358995b1a7f9dcb52a56ec8251570d71024dad0"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Awaiting Analysis"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…