CVE-2026-22981

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the idpf (Intel Data Plane Framework) driver related to handling resets. Specifically, the issue arises from insufficient protection of the reset path against callbacks, potentially leading to resource loss and crashes. The driver may lose the vport state when simultaneously invoking hard and soft resets. Additionally, a failure during the reset process can leave the network device exposed to external callbacks while vport resources are uninitialized, resulting in a kernel crash. The idpf detach and close() function is called before reset handling, and the idpf attach and open() function is used to recover the netdevs state if the reset handling succeeds. The idpf init hard reset() function has been modified to void, as it was already being used as such. The issue can be triggered by attempting to perform hard and soft resets concurrently, as demonstrated by the command sequence: ip -br a <inf>tUP echo 1 > /sys/class/net/ens801f0/device/reset& ethtool -L ens801f0 combined 8 ip -br a <inf>tDOWN ip link set <inf> up ip -br a <inf>tDOWN. A crash can occur during subsequent ifup/down operations if the reset path fails. The call trace indicates a NULL pointer dereference within the idpf stop function.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.