CVE-2026-45857

In the Linux kernel, the following vulnerability has been resolved: scsi: csiostor: Fix dereference of null pointer rn The error exit path when rn is NULL ends up deferencing the null pointer rn via the use of the macro CSIO_INC_STATS. Fix this by adding a new error return path label after the use of the macro to avoid the deference.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/16ccbfddcb32365138c806cf572e69b42a193c5c	Patch
https://git.kernel.org/stable/c/1982257570b84dc33753d536dd969fd357a014e9	Patch
https://git.kernel.org/stable/c/25ab5e97d3c5f3ed594b4a65d1cc99dc24756681	Patch
https://git.kernel.org/stable/c/25d623f0d77c11a256a54e860d00c239aa9a2583	Patch
https://git.kernel.org/stable/c/3bbbab7b6949c76df64210348adbefedaabbf549	Patch
https://git.kernel.org/stable/c/44ef9f81392de885883f73b9f5c43936a82ae9d7	Patch
https://git.kernel.org/stable/c/526ea3c0ccd495b0079db3e28fdddd51c1bf01f7	Patch
https://git.kernel.org/stable/c/6037124dbf675fbd0a6248aaf04cf07387b8c323	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

25 Jun 2026, 21:07

Type	Values Removed	Values Added
CPE		cpe:2.3:o:linux:linux_kernel::::::::
CWE		CWE-476
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
First Time		Linux linux Kernel Linux
References	~~() https://git.kernel.org/stable/c/16ccbfddcb32365138c806cf572e69b42a193c5c -~~	() https://git.kernel.org/stable/c/16ccbfddcb32365138c806cf572e69b42a193c5c - Patch
References	~~() https://git.kernel.org/stable/c/1982257570b84dc33753d536dd969fd357a014e9 -~~	() https://git.kernel.org/stable/c/1982257570b84dc33753d536dd969fd357a014e9 - Patch
References	~~() https://git.kernel.org/stable/c/25ab5e97d3c5f3ed594b4a65d1cc99dc24756681 -~~	() https://git.kernel.org/stable/c/25ab5e97d3c5f3ed594b4a65d1cc99dc24756681 - Patch
References	~~() https://git.kernel.org/stable/c/25d623f0d77c11a256a54e860d00c239aa9a2583 -~~	() https://git.kernel.org/stable/c/25d623f0d77c11a256a54e860d00c239aa9a2583 - Patch
References	~~() https://git.kernel.org/stable/c/3bbbab7b6949c76df64210348adbefedaabbf549 -~~	() https://git.kernel.org/stable/c/3bbbab7b6949c76df64210348adbefedaabbf549 - Patch
References	~~() https://git.kernel.org/stable/c/44ef9f81392de885883f73b9f5c43936a82ae9d7 -~~	() https://git.kernel.org/stable/c/44ef9f81392de885883f73b9f5c43936a82ae9d7 - Patch
References	~~() https://git.kernel.org/stable/c/526ea3c0ccd495b0079db3e28fdddd51c1bf01f7 -~~	() https://git.kernel.org/stable/c/526ea3c0ccd495b0079db3e28fdddd51c1bf01f7 - Patch
References	~~() https://git.kernel.org/stable/c/6037124dbf675fbd0a6248aaf04cf07387b8c323 -~~	() https://git.kernel.org/stable/c/6037124dbf675fbd0a6248aaf04cf07387b8c323 - Patch

27 May 2026, 14:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-05-27 14:16

Updated : 2026-06-25 21:07

NVD link : CVE-2026-45857

Mitre link : CVE-2026-45857

CVE.ORG link : CVE-2026-45857

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

5.5 /10