{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23042", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:45.944Z", "datePublished": "2026-02-04T16:00:25.466Z", "dateUpdated": "2026-05-11T21:58:52.636Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T21:58:52.636Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix aux device unplugging when rdma is not supported by vport\n\nIf vport flags do not contain VIRTCHNL2_VPORT_ENABLE_RDMA, driver does not\nallocate vdev_info for this vport. This leads to kernel NULL pointer\ndereference in idpf_idc_vport_dev_down(), which references vdev_info for\nevery vport regardless.\n\nCheck, if vdev_info was ever allocated before unplugging aux device."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/intel/idpf/idpf_idc.c"], "versions": [{"version": "be91128c579c86d295da4325f6ac4710e4e6d2b4", "lessThan": "0ad6d6e50e9d8bf596cfe77a882ddc20b29f525a", "status": "affected", "versionType": "git"}, {"version": "be91128c579c86d295da4325f6ac4710e4e6d2b4", "lessThan": "4648fb2f2e7210c53b85220ee07d42d1e4bae3f9", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/intel/idpf/idpf_idc.c"], "versions": [{"version": "6.17", "status": "affected"}, {"version": "0", "lessThan": "6.17", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.6", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.17", "versionEndExcluding": "6.18.6"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.17", "versionEndExcluding": "6.19"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/0ad6d6e50e9d8bf596cfe77a882ddc20b29f525a"}, {"url": "https://git.kernel.org/stable/c/4648fb2f2e7210c53b85220ee07d42d1e4bae3f9"}], "title": "idpf: fix aux device unplugging when rdma is not supported by vport", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix aux device unplugging when rdma is not supported by vport\n\nIf vport flags do not contain VIRTCHNL2_VPORT_ENABLE_RDMA, driver does not\nallocate vdev_info for this vport. This leads to kernel NULL pointer\ndereference in idpf_idc_vport_dev_down(), which references vdev_info for\nevery vport regardless.\n\nCheck, if vdev_info was ever allocated before unplugging aux device."}, {"lang": "es", "value": "En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nidpf: correcci\u00f3n de la desconexi\u00f3n del dispositivo auxiliar cuando rdma no es compatible con el vport\n\nSi los flags del vport no contienen VIRTCHNL2_VPORT_ENABLE_RDMA, el controlador no asigna vdev_info para este vport. Esto lleva a una desreferencia de puntero NULL del kernel en idpf_idc_vport_dev_down(), que referencia vdev_info para cada vport independientemente.\n\nCompruebe si vdev_info fue alguna vez asignado antes de desconectar el dispositivo auxiliar."}], "id": "CVE-2026-23042", "lastModified": "2026-04-15T00:35:42.020", "metrics": {}, "published": "2026-02-04T16:16:19.680", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/0ad6d6e50e9d8bf596cfe77a882ddc20b29f525a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/4648fb2f2e7210c53b85220ee07d42d1e4bae3f9"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Deferred"}

{"bugzilla": {"description": "kernel: idpf: fix aux device unplugging when rdma is not supported by vport", "id": "2436760", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436760"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "details": ["No description is available for this CVE."], "name": "CVE-2026-23042", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-02-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-23042\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23042\nhttps://lore.kernel.org/linux-cve-announce/2026020439-CVE-2026-23042-ce47@gregkh/T"], "threat_severity": "Moderate"}

{"analysis": {"en": {"generated_at": "2026-04-17T23:48:44.180188+00:00", "value": {"mitigation_remediation": ["Apply the latest kernel update that contains the commit which fixes the null dereference in idpf.", "While a patch is not available, avoid unplugging auxiliary devices on interfaces where RDMA is disabled or disable the vport\u2019s auxiliary device support if possible.", "Monitor system logs for kernel Oops or panic messages and schedule a kernel upgrade as soon as the patch is released."], "summary": {"action": "Apply Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "Linux kernel for all distributions that ship the unpatched idpf driver version. The vulnerability applies to every Linux kernel using the affected code and has RDMA\u2011unsupported vports, however no specific versions are listed.", "description_and_impact": "The Linux kernel driver idpf fails to allocate vdev_info when a virtual port does not have RDMA enabled, yet treats the information as if it were present. Unplugging an auxiliary device on such a virtual port leads to a null pointer dereference during cleanup, resulting in a kernel crash and a denial\u2011of\u2011service condition. The weakness is a classic NULL pointer dereference (CWE\u2011476) that can be triggered locally by an attacker who can cause the device to be unplugged. The likely attack vector is local, as the fault is triggered by manipulating the device unplug process.", "risk_and_exploitability": "CVSS score 7.0 indicates high severity. EPSS is below 1\u202f%, showing that exploitation is considered unlikely at present. The vulnerability is not listed in CISA\u2019s KEV catalog. Exploitation requires local access to trigger unplugging of the auxiliary device on a vport lacking RDMA support; therefore the risk is confined to local attackers who can manipulate the driver. Because the flaw results in a kernel crash, the impact is denial of service rather than privilege escalation."}}}}, "created": "2026-04-18T00:00:09.462030+00:00", "updated": "2026-04-18T00:00:09.462061+00:00", "vendors": [], "weaknesses": ["CWE-476"]}