CVE-2026-23328

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2026-23328
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix NULL pointer dereference of mgmt_chann mgmt_chann may be set to NULL if the firmware returns an unexpected error in aie2_send_mgmt_msg_wait(). This can later lead to a NULL pointer dereference in aie2_hw_stop(). Fix this by introducing a dedicated helper to destroy mgmt_chann and by adding proper NULL checks before accessing it.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/stable/c/032ca7a9059c4ba6c329e0f1b442dab54dd9c3e5 Patch
https://git.kernel.org/stable/c/6270ee26e1edd862ea17e3eba148ca8fb2c99dc9 Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.14:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*
History

23 Apr 2026, 21:11

Type Values Removed Values Added
CWE CWE-476
References () https://git.kernel.org/stable/c/032ca7a9059c4ba6c329e0f1b442dab54dd9c3e5 - () https://git.kernel.org/stable/c/032ca7a9059c4ba6c329e0f1b442dab54dd9c3e5 - Patch
References () https://git.kernel.org/stable/c/6270ee26e1edd862ea17e3eba148ca8fb2c99dc9 - () https://git.kernel.org/stable/c/6270ee26e1edd862ea17e3eba148ca8fb2c99dc9 - Patch
First Time Linux
Linux linux Kernel
CPE cpe:2.3:o:linux:linux_kernel:6.14:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
Summary
  • (es) En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: accel/amdxdna: Corrección de la desreferencia de puntero NULL de mgmt_chann mgmt_chann puede establecerse en NULL si el firmware devuelve un error inesperado en aie2_send_mgmt_msg_wait(). Esto puede llevar posteriormente a una desreferencia de puntero NULL en aie2_hw_stop(). Se soluciona esto introduciendo una función auxiliar dedicada para destruir mgmt_chann y añadiendo comprobaciones de NULL adecuadas antes de acceder a él.
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5

25 Mar 2026, 11:16

Type Values Removed Values Added
New CVE
Information

Published : 2026-03-25 11:16

Updated : 2026-04-23 21:11

NVD link : CVE-2026-23328

Mitre link : CVE-2026-23328

CVE.ORG link : CVE-2026-23328

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-476

NULL Pointer Dereference