CVE-2026-23309
NULL Pointer Dereference in Linux Kernel Tracing Component
Publication date: 2026-03-25
Last updated on: 2026-03-25
Assigner: kernel.org
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 6.18 (inclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's tracing subsystem. Specifically, when the function trigger_data_alloc() fails and returns NULL, the code jumps to an error handling path that calls trigger_data_free(). However, trigger_data_free() does not check if its input pointer is NULL before dereferencing it, leading to a NULL pointer dereference when it tries to access data->cmd_ops->set_filter.
The issue is fixed by adding a NULL pointer check in trigger_data_free() to prevent dereferencing a NULL pointer.
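The error path described above, as an added userspace model in C (not the kernel source or the upstream patch). The struct layouts, the `fail` flag, `model_set_filter()` and `parse_trigger()` are assumptions for illustration; only the function names `trigger_data_alloc()`, `trigger_data_free()` and the `data->cmd_ops->set_filter` access come from the description.

```c
/* Userspace model of the error path; not kernel source. Struct layouts,
 * the fail flag and parse_trigger() are assumptions for illustration. */
#include <errno.h>
#include <stdlib.h>

struct trigger_data;
struct cmd_ops { int (*set_filter)(char *filter, struct trigger_data *data); };
struct trigger_data { const struct cmd_ops *cmd_ops; };

int filters_cleared; /* how many times set_filter(NULL, data) ran */
int model_set_filter(char *filter, struct trigger_data *data)
{
    (void)data;
    filters_cleared += (filter == NULL);
    return 0;
}
const struct cmd_ops model_ops = { .set_filter = model_set_filter };

/* Stand-in for trigger_data_alloc(): returns NULL when fail is set. */
struct trigger_data *trigger_data_alloc(int fail)
{
    struct trigger_data *data = fail ? NULL : calloc(1, sizeof(*data));
    if (data)
        data->cmd_ops = &model_ops;
    return data;
}

/* Post-fix shape: a NULL argument is a no-op, as with free(NULL).
 * Without the first two lines, the next statement reads data->cmd_ops
 * through a NULL pointer, which is the defect the description reports. */
void trigger_data_free(struct trigger_data *data)
{
    if (!data)
        return;
    if (data->cmd_ops->set_filter)
        data->cmd_ops->set_filter(NULL, data);
    free(data);
}

/* Caller whose shared cleanup label is reached with data == NULL. */
int parse_trigger(int fail)
{
    int ret = -ENOMEM;
    struct trigger_data *data = trigger_data_alloc(fail);
    if (!data)
        goto out_free; /* allocation failed: data is NULL here */
    ret = 0;
out_free:
    trigger_data_free(data);
    return ret;
}
```

Putting the check in the free routine rather than at each `goto` site covers every caller that shares the cleanup label.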
How can this vulnerability impact me?
This vulnerability can cause a NULL pointer dereference in the Linux kernel, which may lead to a kernel crash or system instability. Such a crash could result in denial of service (DoS) conditions, affecting system availability.