CVE-2026-23366 — Vulnetix

CVE-2026-23366 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: drm/client: Do not destroy NULL modes 'modes' in drm_client_modeset_probe may fail to kcalloc. If this occurs, we jump to 'out', calling modes_destroy on it, which dereferences it. This may result in a NULL pointer dereference in the error case. Prevent that.

EPSS 0.02% · 4.6th percentile

Risk Scores

EPSS Score

0.02%

4.6th percentile

Affected Products

Vendor	Product	Versions
linux	linux_kernel	6.16, 6.16, 6.16
Linux	Linux	3039cc0c0653c6e15130a8719c3237329a954670, 3039cc0c0653c6e15130a8719c3237329a954670, 0

Exploit Intelligence

https://git.kernel.org/stable/c/4e3ca5f82346cc23c0a71f1ceb006115ff6b0745 (circl)
https://git.kernel.org/stable/c/9aa3e33f0c7f2679ac599a09e3102c8f716a6321 (circl)
https://git.kernel.org/stable/c/c601fd5414315fc515f746b499110e46272e7243 (circl)

Timeline

Mar 25, 2026 EPSS Score
Mar 25, 2026 Coalition ESS Score
Mar 25, 2026 CVE Published
Mar 29, 2026 Security Advisory
Apr 24, 2026 CVE Updated
May 18, 2026 EPSS Score
May 19, 2026 EPSS Score
May 20, 2026 EPSS Score
May 21, 2026 EPSS Score
May 22, 2026 EPSS Score
May 23, 2026 EPSS Score
May 24, 2026 EPSS Score

References

https://git.kernel.org/stable/c/4e3ca5f82346cc23c0a71f1ceb006115ff6b0745 url
https://git.kernel.org/stable/c/9aa3e33f0c7f2679ac599a09e3102c8f716a6321 url
https://git.kernel.org/stable/c/c601fd5414315fc515f746b499110e46272e7243 url
https://nvd.nist.gov/vuln/detail/CVE-2026-23366 advisory

Open in Interactive Console →