CVE-2026-23042
- Source
- https://cve.org/CVERecord?id=CVE-2026-23042
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23042.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2026-23042
- Downstream
- Published
- 2026-02-04T16:00:25.466Z
- Modified
- 2026-02-09T19:33:44.423225Z
- Summary
- idpf: fix aux device unplugging when rdma is not supported by vport
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
idpf: fix aux device unplugging when rdma is not supported by vport
If vport flags do not contain VIRTCHNL2VPORTENABLERDMA, driver does not allocate vdevinfo for this vport. This leads to kernel NULL pointer dereference in idpfidcvportdevdown(), which references vdev_info for every vport regardless.
Check, if vdev_info was ever allocated before unplugging aux device.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23042.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/0ad6d6e50e9d8bf596cfe77a882ddc20b29f525a
- https://git.kernel.org/stable/c/4648fb2f2e7210c53b85220ee07d42d1e4bae3f9
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23042.json
- https://nvd.nist.gov/vuln/detail/CVE-2026-23042
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedbe91128c579c86d295da4325f6ac4710e4e6d2b4Fixed0ad6d6e50e9d8bf596cfe77a882ddc20b29f525aFixed4648fb2f2e7210c53b85220ee07d42d1e4bae3f9
Affected versions
v6.*
v6.16
v6.16-rc2
v6.16-rc3
v6.16-rc4
v6.16-rc5
v6.16-rc6
v6.16-rc7
v6.17
v6.17-rc1
v6.17-rc2
v6.17-rc3
v6.17-rc4
v6.17-rc5
v6.17-rc6
v6.17-rc7
v6.18
v6.18-rc1
v6.18-rc2
v6.18-rc3
v6.18-rc4
v6.18-rc5
v6.18-rc6
v6.18-rc7
v6.18.1
v6.18.2
v6.18.3
v6.18.4
v6.18.5
v6.19-rc1
v6.19-rc2
v6.19-rc3