CVE-2026-43013
Status: Awaiting Analysis
NULL Pointer Dereference in Linux Kernel MLX5 LAG DebugFS

Publication date: 2026-05-01

Last updated on: 2026-05-01

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

net/mlx5: lag: Check for LAG device before creating debugfs

__mlx5_lag_dev_add_mdev() may return 0 (success) even when an error occurs that is handled gracefully. Consequently, the initialization flow proceeds to call mlx5_ldev_add_debugfs() even when there is no valid LAG context.

mlx5_ldev_add_debugfs() blindly created the debugfs directory and attributes. This exposed interfaces (like the members file) that rely on a valid ldev pointer, leading to potential NULL pointer dereferences if accessed when ldev is NULL.

Add a check to verify that mlx5_lag_dev(dev) returns a valid pointer before attempting to create the debugfs entries.

Meta Information

Published: 2026-05-01
Last Modified: 2026-05-01
Generated: 2026-05-07
AI Q&A: 2026-05-01
EPSS Evaluated: 2026-05-05

Affected Vendors & Products

Showing 1 associated CPE

Vendor: linux
Product: linux_kernel
Version / Range: *

CWE ID: CWE-UNKNOWN

AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, ensure that your Linux kernel is updated to a version where the fix has been applied. The fix involves adding a check to verify that mlx5_lag_dev(dev) returns a valid pointer before creating debugfs entries, preventing NULL pointer dereferences.

If updating immediately is not possible, avoid accessing debugfs interfaces related to the mlx5 LAG device, as they may trigger the NULL pointer dereference.


Can you explain this vulnerability to me?

This vulnerability exists in the Linux kernel's mlx5 network driver related to Link Aggregation Group (LAG) devices. The function __mlx5_lag_dev_add_mdev() may incorrectly return success even when an error occurs. As a result, the initialization process continues and calls mlx5_ldev_add_debugfs() without a valid LAG device context.

The mlx5_ldev_add_debugfs() function then creates debugfs directories and attributes blindly, including interfaces like the members file that expect a valid LAG device pointer. If accessed when the LAG device pointer is NULL, this can lead to NULL pointer dereferences, potentially causing crashes or undefined behavior.

The fix involves adding a check to ensure that mlx5_lag_dev(dev) returns a valid pointer before creating debugfs entries.
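
The flow described above, as an added userspace model that is not the kernel's code: the structs, the `handled_error` flag and the `scenario()` helper are assumptions made for illustration, and only the function names in the comments come from the advisory. It shows the unchecked debugfs creation next to the checked one.

```c
#include <stddef.h>
#include <stdio.h>

/* Userspace model (assumption): simplified structs, not the kernel's definitions. */
struct lag { int num_members; };
struct dev {
    struct lag *ldev;      /* what mlx5_lag_dev(dev) would return */
    int has_members_file;  /* stands in for the debugfs "members" file */
};

static struct lag *lag_dev(struct dev *d) { return d->ldev; }

/* Models __mlx5_lag_dev_add_mdev(): a gracefully handled error still returns 0. */
static int lag_dev_add_mdev(struct dev *d, struct lag *l, int handled_error)
{
    if (!handled_error)
        d->ldev = l;
    return 0;              /* success either way; ldev may still be NULL */
}

/* Before the fix: debugfs entries are created unconditionally. */
static void add_debugfs_unchecked(struct dev *d) { d->has_members_file = 1; }

/* After the fix: no LAG context, no debugfs entries. */
static void add_debugfs_checked(struct dev *d)
{
    if (lag_dev(d))
        d->has_members_file = 1;
}

/* Read handler for "members": dereferences ldev without checking it. */
static int members_show(struct dev *d) { return lag_dev(d)->num_members; }

/* Runs the init flow; returns 1 if members_show() is reachable with ldev == NULL. */
static int scenario(int handled_error, int use_fix)
{
    struct lag l = { 2 };
    struct dev d = { NULL, 0 };

    if (lag_dev_add_mdev(&d, &l, handled_error))
        return -1;
    if (use_fix) add_debugfs_checked(&d); else add_debugfs_unchecked(&d);
    if (d.has_members_file && d.ldev)
        return members_show(&d) == l.num_members ? 0 : -1;  /* safe read */
    return d.has_members_file && d.ldev == NULL;
}

int main(void) { printf("unfixed=%d fixed=%d\n", scenario(1, 0), scenario(1, 1)); return 0; }
```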


How can this vulnerability impact me?

This vulnerability can lead to NULL pointer dereferences in the Linux kernel's network driver, which may cause system instability or crashes if the debugfs interfaces are accessed when the LAG device context is invalid.

Such crashes or undefined behavior could disrupt network functionality or system operations, potentially leading to denial of service conditions on affected systems.

