Vulnetix
Try Vulnetix Request Demo
CVE-2026-23242 PUBLISHED CVSS 7.800000190734863 HIGH

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix potential NULL pointer dereference in header processing If siw_get_hdr() returns -EINVAL before set_rx_fpdu_context(), qp->rx_fpdu can be NULL. The error path in siw_tcp_rx_data() dereferences qp->rx_fpdu->more_ddp_segs without checking, which may lead to a NULL pointer deref. Only check more_ddp_segs when rx_fpdu is present. KASAN splat: [ 101.384271] KASAN: null-ptr-deref in range [0x00000000000000c0-0x00000000000000c7] [ 101.385869] RIP: 0010:siw_tcp_rx_data+0x13ad/0x1e50

EPSS 0.03% · 9.2th percentile

Risk Scores

CVSS v3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.03%
9.2th percentile

Affected Products

VendorProductVersions
linuxlinux_kernel2.6.24, 2.6.24, 2.6.24
LinuxLinux2be8e3ee8efd6f99ce454115c29d09750915021a, 2be8e3ee8efd6f99ce454115c29d09750915021a, 2be8e3ee8efd6f99ce454115c29d09750915021a

Timeline

References

…and 47 more

Open in Interactive Console →