{"id":"CVE-2026-23084","summary":"be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nbe2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list\n\nWhen the parameter pmac_id_valid argument of be_cmd_get_mac_from_list() is\nset to false, the driver may request the PMAC_ID from the firmware of the\nnetwork card, and this function will store that PMAC_ID at the provided\naddress pmac_id. This is the contract of this function.\n\nHowever, there is a location within the driver where both\npmac_id_valid == false and pmac_id == NULL are being passed. This could\nresult in dereferencing a NULL pointer.\n\nTo resolve this issue, it is necessary to pass the address of a stub\nvariable to the function.","aliases":["ECHO-6f54-eb7d-affc"],"modified":"2026-04-21T02:26:38.934601707Z","published":"2026-02-04T16:08:08.456Z","related":["SUSE-SU-2026:0962-1","SUSE-SU-2026:1078-1","SUSE-SU-2026:1081-1","SUSE-SU-2026:20667-1","SUSE-SU-2026:20720-1","SUSE-SU-2026:20838-1","SUSE-SU-2026:20845-1","SUSE-SU-2026:20876-1","SUSE-SU-2026:20931-1","openSUSE-SU-2026:20416-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23084.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/31410a01a86bcb98c798d01061abf1f789c4f75a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/47ffb4dcffe336f4a7bd0f3284be7aadc6484698"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4cba480c9b9a3861a515262225cb53a1f5978344"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6c3e00888dbec887125a08b51a705b9b163fcdd1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8215794403d264739cc676668087512950b2ff31"},{"type":"WEB","url":"https://git.kernel.org/stable/c/92c6dc181a18e6e0ddb872ed35cb48a9274829e4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e206fb415db36bad52bb90c08d46ce71ffbe8a80"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23084.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23084"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"95046b927a54f461766f83a212c6a93bc5fd2e67"},{"fixed":"4cba480c9b9a3861a515262225cb53a1f5978344"},{"fixed":"92c6dc181a18e6e0ddb872ed35cb48a9274829e4"},{"fixed":"6c3e00888dbec887125a08b51a705b9b163fcdd1"},{"fixed":"e206fb415db36bad52bb90c08d46ce71ffbe8a80"},{"fixed":"47ffb4dcffe336f4a7bd0f3284be7aadc6484698"},{"fixed":"31410a01a86bcb98c798d01061abf1f789c4f75a"},{"fixed":"8215794403d264739cc676668087512950b2ff31"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-23084.json"}}],"schema_version":"1.7.5"}