CVE-2026-22996

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18.0-rc5+ #117

Description The Linux kernel contained a flaw in the net/mlx5e component where the mlx5e priv structure was incorrectly stored in the mlx5e dev devlink private area. This structure is unstable and can be cleared if profile attachment fails. Storing it in this location could lead to a kernel oops during mlx5e remove when switchdev mode fails due to a profile change failure. The issue occurs when attempting to reload a devlink device, potentially causing a kernel panic.

Recommendations Update to a version newer than 6.18.0-rc5+ #117.

Exploit

Fix

Use After Free

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-476

Related Identifiers

AZL-77295

AZL-78476

BDU:2026-02336

CVE-2026-22996

ECHO-26E0-13AD-0488

OESA-2026-1759

OESA-2026-1760

OESA-2026-1761

OPENSUSE-SU-2026:20287-1

SUSE-SU-2026:0447-1

SUSE-SU-2026:0472-1

SUSE-SU-2026:0587-1

SUSE-SU-2026:20477-1

SUSE-SU-2026:20498-1

SUSE-SU-2026:20555-1

SUSE-SU-2026:20599-1

SUSE-SU-2026:20615-1

SUSE-SU-2026:20845-1

SUSE-SU-2026:20876-1

USN-8278-1

USN-8289-1

USN-8296-1

Affected Products

Linux Kernel

Ubuntu

Mlx5E

CVE-2026-22996

Weakness Enumeration

Related Identifiers

Affected Products

References · 1938