PT-2026-27718 · Linux · Linux Kernel
Published
2026-01-01
·
Updated
2026-03-25
·
CVE-2026-23353
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.19.0-0.rc7.260128g1f97d9dcf5364.49.eln154.x86 64
Description
The Linux kernel contains a flaw within the ice network driver related to the ethtool offline loopback test. Following the conversion to page pool allocation, the test causes a kernel NULL pointer dereference, leading to a system crash. The issue arises because the receive ring for ICE Virtual Switch Interface (VSI) loopback tests was not properly initialized for libeth, resulting in an attempt to access an uninitialized memory location.
Recommendations
Update the Linux kernel to version 6.19.0-0.rc7.260128g1f97d9dcf5364.49.eln154.x86 64 or a later version that includes the fix.
Exploit
Fix
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Linux Kernel