2436816 – (CVE-2026-23084) CVE-2026-23084 kernel: be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list

Bug 2436816 (CVE-2026-23084) - CVE-2026-23084 kernel: be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list

Summary: CVE-2026-23084 kernel: be2net: Fix NULL pointer dereference in be_cmd_get_mac...

Keywords:
Status:	NEW
Alias:	CVE-2026-23084
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2026-02-04 17:04 UTC by OSIDB Bzimport
Modified:	2026-02-06 11:02 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-02-04 17:04:47 UTC

In the Linux kernel, the following vulnerability has been resolved:

be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list

When the parameter pmac_id_valid argument of be_cmd_get_mac_from_list() is
set to false, the driver may request the PMAC_ID from the firmware of the
network card, and this function will store that PMAC_ID at the provided
address pmac_id. This is the contract of this function.

However, there is a location within the driver where both
pmac_id_valid == false and pmac_id == NULL are being passed. This could
result in dereferencing a NULL pointer.

To resolve this issue, it is necessary to pass the address of a stub
variable to the function.

Comment 1 Jon Moroney 2026-02-04 20:16:47 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2026020422-CVE-2026-23084-8073@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.