Severity: HIGH | CVE-2026-23242 | CNA: Linux
CVE-2026-23242: RDMA/siw: Fix potential NULL pointer dereference in header processing
In the Linux kernel, the following vulnerability has been resolved:

RDMA/siw: Fix potential NULL pointer dereference in header processing

If siw_get_hdr() returns -EINVAL before set_rx_fpdu_context(), qp->rx_fpdu can be NULL. The error path in siw_tcp_rx_data() dereferences qp->rx_fpdu->more_ddp_segs without checking, which may lead to a NULL pointer deref. Only check more_ddp_segs when rx_fpdu is present.

KASAN splat:

    [ 101.384271] KASAN: null-ptr-deref in range [0x00000000000000c0-0x00000000000000c7]
    [ 101.385869] RIP: 0010:siw_tcp_rx_data+0x13ad/0x1e50
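The bug pattern described above, as an added user-space model (not the kernel's code and not taken from the fix commit): the struct layout, the `model_*` and `pending_segs_*` names, and the function bodies are assumptions constructed for illustration. It contrasts an error-path test that reads through `rx_fpdu` unconditionally with one that checks the pointer first.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed user-space model: names echo the advisory, bodies are illustrative. */
struct rx_fpdu_ctx { bool more_ddp_segs; };
struct model_qp {
    struct rx_fpdu_ctx *rx_fpdu;   /* NULL until a header has been accepted */
    struct rx_fpdu_ctx ctx;
};

/* Header stage: a rejected header returns -EINVAL before the context is
 * attached (the step the advisory calls set_rx_fpdu_context()). */
int model_get_hdr(struct model_qp *qp, bool hdr_valid)
{
    if (!hdr_valid)
        return -EINVAL;
    qp->rx_fpdu = &qp->ctx;
    return 0;
}

/* Pre-fix shape of the error-path test: dereferences rx_fpdu unconditionally.
 * Kept for contrast only; never called here because it faults on NULL. */
bool pending_segs_unguarded(const struct model_qp *qp)
{
    return qp->rx_fpdu->more_ddp_segs;
}

/* Fixed shape: consult more_ddp_segs only when rx_fpdu is present. */
bool pending_segs_guarded(const struct model_qp *qp)
{
    return qp->rx_fpdu != NULL && qp->rx_fpdu->more_ddp_segs;
}

/* Runs the header stage, then evaluates the guarded error-path test. */
int model_rx_error_path(bool hdr_valid, bool more_segs)
{
    struct model_qp qp = { .rx_fpdu = NULL, .ctx = { .more_ddp_segs = more_segs } };
    (void)model_get_hdr(&qp, hdr_valid);
    return pending_segs_guarded(&qp) ? 1 : 0;
}

int main(void)
{
    printf("rejected header: %d\n", model_rx_error_path(false, true));
    printf("accepted header, more segments: %d\n", model_rx_error_path(true, true));
    return 0;
}
```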
Metrics
- CVSS v3.1: 7.5
- Severity: HIGH
- Fixed in: 0
- Affected Products: 2
Fix available
Affected packages
- Linux / Linux: < ab61841633d10e56a58c1493a262f0d02dba2f5e (from 8b6a361b8c482f22ac99c3273285ff16b23fba91) · < 8564dcc12fbb372d984ab45768cae9335777b274 (from 8b6a361b8c482f22ac99c3273285ff16b23fba91) · < ab957056192d6bd068b3759cb2077d859cca01f0 (from 8b6a361b8c482f22ac99c3273285ff16b23fba91) · < ffba40b67663567481fa8a1ed5d2da36897c175d (from 8b6a361b8c482f22ac99c3273285ff16b23fba91) · < 87b7a036d2c73d5bb3ae2d47dee23de465db3355 (from 8b6a361b8c482f22ac99c3273285ff16b23fba91) · < 714c99e1dc8f85f446e05be02ba83972e981a817 (from 8b6a361b8c482f22ac99c3273285ff16b23fba91)
- Linux / Linux 5.3: Fixed in 0, 5.10.252, 5.15.202, 6.1.165, 6.6.128, 6.12.75, 6.18.14, 6.19.4, 7.0
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H