PT-2026-4485 · Linux · Linux Kernel

Published: 2026-01-01 · Updated: 2026-04-20 · CVE-2026-22985

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The idpf driver in the Linux kernel does not initialize the RSS LUT until an interface is active. As a result, ethtool operations performed before the interface is brought up, such as disabling rxhash, lead to a NULL pointer dereference crash. The issue can be triggered by loading the idpf driver and then disabling rxhash on an interface before bringing it up, using the command ethtool -K eth2 rxhash off. The kernel log shows the NULL pointer dereference in the memcpy_orig function.

The issue is resolved by moving RSS LUT initialization to vport creation, ensuring the LUT is always available. This allows RSS configuration via ethtool before interface activation. The driver now maintains all changes in a soft copy and programs zeros to the indirection table when rxhash is disabled, deferring hardware programming until the interface is active.
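
The ordering fix described above, as an added user-space C model (not idpf driver code and not part of the original advisory). The struct, function names, table size and queue count are hypothetical, and keeping the user's table in the soft copy while zeros go to the device is this example's reading of the description.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>

#define LUT_SIZE 8 /* constructed table size for this model */

struct vport { /* hypothetical user-space model, not the driver's struct */
    uint32_t *rss_lut;         /* soft copy of the indirection table */
    uint32_t hw_lut[LUT_SIZE]; /* stands in for the device's table */
    unsigned hw_writes;        /* times the "hardware" was programmed */
    bool up, rxhash;
};

/* Fixed ordering: the LUT is allocated at vport creation, not at open. */
int vport_create(struct vport *v, unsigned nqueues)
{
    *v = (struct vport){ .rxhash = true };
    v->rss_lut = calloc(LUT_SIZE, sizeof(*v->rss_lut));
    for (unsigned i = 0; v->rss_lut && i < LUT_SIZE; i++)
        v->rss_lut[i] = i % nqueues; /* default spread over the queues */
    return v->rss_lut ? 0 : -1;
}

/* Push the soft copy to "hardware"; zeros go out while rxhash is off. */
int hw_program(struct vport *v)
{
    for (unsigned i = 0; i < LUT_SIZE; i++)
        v->hw_lut[i] = v->rxhash ? v->rss_lut[i] : 0;
    v->hw_writes++;
    return 0;
}

/* Models `ethtool -K <dev> rxhash on|off`; hardware is touched only when up. */
int set_rxhash(struct vport *v, bool on)
{
    if (!v->rss_lut)
        return -1; /* flawed ordering: NULL here while the interface is down */
    v->rxhash = on;
    return v->up ? hw_program(v) : 0;
}

int vport_open(struct vport *v) { v->up = true; return hw_program(v); }

int main(void)
{
    struct vport v;
    int bad = vport_create(&v, 4) || set_rxhash(&v, false) || vport_open(&v);
    free(v.rss_lut);
    return bad || v.hw_lut[1] != 0; /* exit 0: zeros reached the device table */
}
```

The `-1` return in `set_rxhash` marks the spot where, in this model, a missing LUT is detected instead of being dereferenced.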

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Weakness Enumeration

Related Identifiers

CVE-2026-22985
OPENSUSE-SU-2026:20287-1
SUSE-SU-2026:0447-1
SUSE-SU-2026:0472-1
SUSE-SU-2026:0587-1
SUSE-SU-2026:20477-1
SUSE-SU-2026:20498-1
SUSE-SU-2026:20555-1
SUSE-SU-2026:20599-1
SUSE-SU-2026:20615-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20876-1

Affected Products

Linux Kernel