VDB

CVE-2026-23242

CVE-2026-23242 PUBLISHED CVSS 7.800000190734863 HIGH

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix potential NULL pointer dereference in header processing If siw_get_hdr() returns -EINVAL before set_rx_fpdu_context(), qp->rx_fpdu can be NULL. The error path in siw_tcp_rx_data() dereferences qp->rx_fpdu->more_ddp_segs without checking, which may lead to a NULL pointer deref. Only check more_ddp_segs when rx_fpdu is present. KASAN splat: [ 101.384271] KASAN: null-ptr-deref in range [0x00000000000000c0-0x00000000000000c7] [ 101.385869] RIP: 0010:siw_tcp_rx_data+0x13ad/0x1e50

EPSS 0.08% · 23.3th percentile

Risk Scores

CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.08%
23.3th percentile

Affected Products

VendorProductVersions
linuxlinux_kernel2.6.24, 2.6.24, 2.6.24
LinuxLinux2be8e3ee8efd6f99ce454115c29d09750915021a, 2be8e3ee8efd6f99ce454115c29d09750915021a, 2be8e3ee8efd6f99ce454115c29d09750915021a

Timeline

  • Mar 18, 2026 EPSS Score
  • Mar 18, 2026 CVE Published
  • Mar 19, 2026 EPSS Score
  • Mar 20, 2026 EPSS Score
  • Mar 21, 2026 EPSS Score
  • Mar 22, 2026 EPSS Score
  • Mar 22, 2026 Coalition ESS Score
  • Mar 23, 2026 EPSS Score
  • Mar 24, 2026 EPSS Score
  • Mar 25, 2026 EPSS Score
  • Mar 25, 2026 Coalition ESS Score
  • Mar 29, 2026 Security Advisory

References

…and 124 more

Open in Interactive Console →
$ Console Community · 100/wk Open console ›