{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23020", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:45.941Z", "datePublished": "2026-01-31T11:39:04.023Z", "dateUpdated": "2026-05-11T21:58:27.268Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T21:58:27.268Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: 3com: 3c59x: fix possible null dereference in vortex_probe1()\n\npdev can be null and free_ring: can be called in 1297 with a null\npdev."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/3com/3c59x.c"], "versions": [{"version": "55c82617c3e82210b7471e9334e8fc5df6a9961f", "lessThan": "053ac9e37eee435e999277c0f1ef890dad6064bf", "status": "affected", "versionType": "git"}, {"version": "55c82617c3e82210b7471e9334e8fc5df6a9961f", "lessThan": "6cff14b831dbdb32675b4c7904dcc3eeeaf47e9d", "status": "affected", "versionType": "git"}, {"version": "55c82617c3e82210b7471e9334e8fc5df6a9961f", "lessThan": "606872c8e8bf96066730f6a2317502c5633c37f1", "status": "affected", "versionType": "git"}, {"version": "55c82617c3e82210b7471e9334e8fc5df6a9961f", "lessThan": "28b2a805609699be7b90020ae7dccfb234be1ceb", "status": "affected", "versionType": "git"}, {"version": "55c82617c3e82210b7471e9334e8fc5df6a9961f", "lessThan": "2f05f7737e16d9a40038cc1c38a96a3f7964898b", "status": "affected", "versionType": "git"}, {"version": "55c82617c3e82210b7471e9334e8fc5df6a9961f", "lessThan": "d82796a57cc0dac1dbef19d913c8f02a8cc7b1a7", "status": "affected", "versionType": "git"}, {"version": "55c82617c3e82210b7471e9334e8fc5df6a9961f", "lessThan": "a4e305ed60f7c41bbf9aabc16dd75267194e0de3", "status": "affected", "versionType": "git"}, {"version": "d30fdc02c49ad9965bba25015ae66c22dae967d1", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/3com/3c59x.c"], "versions": [{"version": "4.17", "status": "affected"}, {"version": "0", "lessThan": "4.17", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.248", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.198", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.161", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.121", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.66", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.6", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.17", "versionEndExcluding": "5.10.248"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.17", "versionEndExcluding": "5.15.198"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.17", "versionEndExcluding": "6.1.161"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.17", "versionEndExcluding": "6.6.121"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.17", "versionEndExcluding": "6.12.66"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.17", "versionEndExcluding": "6.18.6"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.17", "versionEndExcluding": "6.19"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.16.12"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/053ac9e37eee435e999277c0f1ef890dad6064bf"}, {"url": "https://git.kernel.org/stable/c/6cff14b831dbdb32675b4c7904dcc3eeeaf47e9d"}, {"url": "https://git.kernel.org/stable/c/606872c8e8bf96066730f6a2317502c5633c37f1"}, {"url": "https://git.kernel.org/stable/c/28b2a805609699be7b90020ae7dccfb234be1ceb"}, {"url": "https://git.kernel.org/stable/c/2f05f7737e16d9a40038cc1c38a96a3f7964898b"}, {"url": "https://git.kernel.org/stable/c/d82796a57cc0dac1dbef19d913c8f02a8cc7b1a7"}, {"url": "https://git.kernel.org/stable/c/a4e305ed60f7c41bbf9aabc16dd75267194e0de3"}], "title": "net: 3com: 3c59x: fix possible null dereference in vortex_probe1()", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "1E372F14-2300-4733-AA3A-B7DD0540E9B2", "versionEndExcluding": "4.17", "versionStartIncluding": "4.16.12", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6BAACA77-52C1-4896-B775-A42AF0D39893", "versionEndExcluding": "5.10.248", "versionStartIncluding": "4.17.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "82159CAA-B6BA-43C6-85D8-65BDBC175A7E", "versionEndExcluding": "5.15.198", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E135B7E2-61FC-4DC1-8570-ABD67894FFDE", "versionEndExcluding": "6.1.161", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "BB7A164B-7422-4A1C-82FB-5FCAEE53C06C", "versionEndExcluding": "6.6.121", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "F72B884C-B44F-40E4-9895-CE421AC663D0", "versionEndExcluding": "6.12.66", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "879529BC-5B4C-4EBE-BF1D-1A31404A8B2E", "versionEndExcluding": "6.18.6", "versionStartIncluding": "6.13", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:4.17:-:*:*:*:*:*:*", "matchCriteriaId": "3F438846-FE97-43DC-A655-B5EF8DED552E", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:*", "matchCriteriaId": "17B67AA7-40D6-4AFA-8459-F200F3D7CFD1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:*", "matchCriteriaId": "C47E4CC9-C826-4FA9-B014-7FE3D9B318B2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:*", "matchCriteriaId": "F71D92C0-C023-48BD-B3B6-70B638EEE298", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:*", "matchCriteriaId": "13580667-0A98-40CC-B29F-D12790B91BDB", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc5:*:*:*:*:*:*", "matchCriteriaId": "CAD1FED7-CF48-47BF-AC7D-7B6FA3C065FC", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc6:*:*:*:*:*:*", "matchCriteriaId": "3EF854A1-ABB1-4E93-BE9A-44569EC76C0D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc7:*:*:*:*:*:*", "matchCriteriaId": "F5DC0CA6-F0AF-4DDF-A882-3DADB9A886A7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc8:*:*:*:*:*:*", "matchCriteriaId": "EB5B7DFC-C36B-45D8-922C-877569FDDF43", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: 3com: 3c59x: fix possible null dereference in vortex_probe1()\n\npdev can be null and free_ring: can be called in 1297 with a null\npdev."}, {"lang": "es", "value": "En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nnet: 3com: 3c59x: correcci\u00f3n de posible desreferencia nula en vortex_probe1()\n\npdev puede ser nulo y free_ring: puede ser llamado en 1297 con un pdev nulo."}], "id": "CVE-2026-23020", "lastModified": "2026-03-25T15:56:02.047", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-01-31T12:16:05.310", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/053ac9e37eee435e999277c0f1ef890dad6064bf"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/28b2a805609699be7b90020ae7dccfb234be1ceb"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2f05f7737e16d9a40038cc1c38a96a3f7964898b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/606872c8e8bf96066730f6a2317502c5633c37f1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6cff14b831dbdb32675b4c7904dcc3eeeaf47e9d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a4e305ed60f7c41bbf9aabc16dd75267194e0de3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d82796a57cc0dac1dbef19d913c8f02a8cc7b1a7"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: net: 3com: 3c59x: fix possible null dereference in vortex_probe1()", "id": "2435672", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2435672"}, "csaw": false, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnet: 3com: 3c59x: fix possible null dereference in vortex_probe1()\npdev can be null and free_ring: can be called in 1297 with a null\npdev."], "name": "CVE-2026-23020", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-01-31T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-23020\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23020\nhttps://lore.kernel.org/linux-cve-announce/2026013136-CVE-2026-23020-07c3@gregkh/T"]}

{"analysis": {"en": {"generated_at": "2026-04-18T14:26:18.080715+00:00", "value": {"mitigation_remediation": ["Upgrade the Linux kernel to a release that includes the vortex_probe1 patch (e.g., 6.19.1 or later).", "If an upgrade cannot be performed immediately, remove or prevent loading of the 3com 3c59x driver module to stop the vulnerable code from executing.", "Restrict kernel module loading to privileged users only, monitor system logs for kernel panic events, and apply the patch as soon as it becomes available."], "summary": {"action": "Apply Patch", "impact": "Kernel Panic (Denial of Service)"}, "threat_synthesis": {"affected_systems": "The vulnerability applies to Linux kernel releases from 4.17 onward, including all 6.19 release candidates up to rc8. Systems that load the 3c59x driver module\u2014typically those using 3com network adapters\u2014are potentially impacted. Administrators should confirm that the 3c59x module is present and determine the exact kernel version in use.", "description_and_impact": "The Linux kernel\u2019s 3com 3c59x network driver contains a null pointer dereference in the vortex_probe1() function. When the pdev argument is null, free_ring() is called and the kernel crashes. The immediate effect is a kernel panic, leading to a service interruption and requiring a reboot to recover. The flaw is identified as CWE\u2011476.", "risk_and_exploitability": "The CVSS score of 5.5 indicates medium severity. The EPSS score is less than 1\u202f%, suggesting a low historical probability of exploitation. The flaw is not listed in CISA\u2019s KEV catalog, implying no confirmed active exploitation. Based on the description, it is inferred that an attacker would need local or privileged access to trigger driver initialization, as the fault occurs when the driver is loaded. Remote exploitation without elevated privileges is unlikely."}}}}, "created": "2026-04-18T14:30:02.944214+00:00", "updated": "2026-04-18T14:30:02.944230+00:00", "vendors": []}