CVE-2026-23020 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: net: 3com: 3c59x: fix possible null dereference in vortex_probe1() pdev can be null and free_ring: can be called in 1297 with a null pdev.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00024.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/053ac9e37eee435e999277c0f1ef890dad6064bf
https://git.kernel.org/stable/c/28b2a805609699be7b90020ae7dccfb234be1ceb
https://git.kernel.org/stable/c/2f05f7737e16d9a40038cc1c38a96a3f7964898b
https://git.kernel.org/stable/c/606872c8e8bf96066730f6a2317502c5633c37f1
https://git.kernel.org/stable/c/6cff14b831dbdb32675b4c7904dcc3eeeaf47e9d
https://git.kernel.org/stable/c/a4e305ed60f7c41bbf9aabc16dd75267194e0de3
https://git.kernel.org/stable/c/d82796a57cc0dac1dbef19d913c8f02a8cc7b1a7

History

Sat, 31 Jan 2026 11:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: net: 3com: 3c59x: fix possible null dereference in vortex_probe1() pdev can be null and free_ring: can be called in 1297 with a null pdev.
Title		net: 3com: 3c59x: fix possible null dereference in vortex_probe1()
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/053ac9e37eee435e999277c0f1ef890dad6064bf https://git.kernel.org/stable/c/28b2a805609699be7b90020ae7dccfb234be1ceb https://git.kernel.org/stable/c/2f05f7737e16d9a40038cc1c38a96a3f7964898b https://git.kernel.org/stable/c/606872c8e8bf96066730f6a2317502c5633c37f1 https://git.kernel.org/stable/c/6cff14b831dbdb32675b4c7904dcc3eeeaf47e9d https://git.kernel.org/stable/c/a4e305ed60f7c41bbf9aabc16dd75267194e0de3 https://git.kernel.org/stable/c/d82796a57cc0dac1dbef19d913c8f02a8cc7b1a7

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-01-31T11:39:04.023Z

Updated: 2026-01-31T11:39:04.023Z

Reserved: 2026-01-13T15:37:45.941Z

Link: CVE-2026-23020

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-01-31T12:16:05.310

Modified: 2026-01-31T12:16:05.310

Link: CVE-2026-23020

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23020", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:45.941Z", "datePublished": "2026-01-31T11:39:04.023Z", "dateUpdated": "2026-01-31T11:39:04.023Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-01-31T11:39:04.023Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: 3com: 3c59x: fix possible null dereference in vortex_probe1()\n\npdev can be null and free_ring: can be called in 1297 with a null\npdev."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/3com/3c59x.c"], "versions": [{"version": "55c82617c3e82210b7471e9334e8fc5df6a9961f", "lessThan": "053ac9e37eee435e999277c0f1ef890dad6064bf", "status": "affected", "versionType": "git"}, {"version": "55c82617c3e82210b7471e9334e8fc5df6a9961f", "lessThan": "6cff14b831dbdb32675b4c7904dcc3eeeaf47e9d", "status": "affected", "versionType": "git"}, {"version": "55c82617c3e82210b7471e9334e8fc5df6a9961f", "lessThan": "606872c8e8bf96066730f6a2317502c5633c37f1", "status": "affected", "versionType": "git"}, {"version": "55c82617c3e82210b7471e9334e8fc5df6a9961f", "lessThan": "28b2a805609699be7b90020ae7dccfb234be1ceb", "status": "affected", "versionType": "git"}, {"version": "55c82617c3e82210b7471e9334e8fc5df6a9961f", "lessThan": "2f05f7737e16d9a40038cc1c38a96a3f7964898b", "status": "affected", "versionType": "git"}, {"version": "55c82617c3e82210b7471e9334e8fc5df6a9961f", "lessThan": "d82796a57cc0dac1dbef19d913c8f02a8cc7b1a7", "status": "affected", "versionType": "git"}, {"version": "55c82617c3e82210b7471e9334e8fc5df6a9961f", "lessThan": "a4e305ed60f7c41bbf9aabc16dd75267194e0de3", "status": "affected", "versionType": "git"}, {"version": "d30fdc02c49ad9965bba25015ae66c22dae967d1", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/3com/3c59x.c"], "versions": [{"version": "4.17", "status": "affected"}, {"version": "0", "lessThan": "4.17", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.248", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.198", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.161", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.121", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.66", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.6", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19-rc5", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.17", "versionEndExcluding": "5.10.248"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.17", "versionEndExcluding": "5.15.198"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.17", "versionEndExcluding": "6.1.161"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.17", "versionEndExcluding": "6.6.121"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.17", "versionEndExcluding": "6.12.66"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.17", "versionEndExcluding": "6.18.6"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.17", "versionEndExcluding": "6.19-rc5"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.16.12"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/053ac9e37eee435e999277c0f1ef890dad6064bf"}, {"url": "https://git.kernel.org/stable/c/6cff14b831dbdb32675b4c7904dcc3eeeaf47e9d"}, {"url": "https://git.kernel.org/stable/c/606872c8e8bf96066730f6a2317502c5633c37f1"}, {"url": "https://git.kernel.org/stable/c/28b2a805609699be7b90020ae7dccfb234be1ceb"}, {"url": "https://git.kernel.org/stable/c/2f05f7737e16d9a40038cc1c38a96a3f7964898b"}, {"url": "https://git.kernel.org/stable/c/d82796a57cc0dac1dbef19d913c8f02a8cc7b1a7"}, {"url": "https://git.kernel.org/stable/c/a4e305ed60f7c41bbf9aabc16dd75267194e0de3"}], "title": "net: 3com: 3c59x: fix possible null dereference in vortex_probe1()", "x_generator": {"engine": "bippy-1.2.0"}}}}