CVE-2026-23042

Summary

In the Linux kernel, the following vulnerability has been resolved:

idpf: fix aux device unplugging when rdma is not supported by vport

If vport flags do not contain VIRTCHNL2_VPORT_ENABLE_RDMA, driver does not allocate vdev_info for this vport. This leads to kernel NULL pointer dereference in idpf_idc_vport_dev_down(), which references vdev_info for every vport regardless.

Check, if vdev_info was ever allocated before unplugging aux device.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxbe91128c579c86d295da4325f6ac4710e4e6d2b4 < 0ad6d6e50e9d8bf596cfe77a882ddc20b29f525aaffected
LinuxLinuxbe91128c579c86d295da4325f6ac4710e4e6d2b4 < 4648fb2f2e7210c53b85220ee07d42d1e4bae3f9affected
LinuxLinux6.17affected
LinuxLinux0 < 6.17unaffected
LinuxLinux6.18.6 <= 6.18.*unaffected
LinuxLinux6.19 <= *unaffected

Weaknesses

References