CVE-2026-23433

UNKNOWN 0.0

arm_mpam: Fix null pointer dereference when restoring bandwidth counters

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

7th

In the Linux kernel, the following vulnerability has been resolved: arm_mpam: Fix null pointer dereference when restoring bandwidth counters When an MSC supporting memory bandwidth monitoring is brought offline and then online, mpam_restore_mbwu_state() calls __ris_msmon_read() via ipi to restore the configuration of the bandwidth counters. It doesn't care about the value read, mbwu_arg.val, and doesn't set it leading to a null pointer dereference when __ris_msmon_read() adds to it. This results in a kernel oops with a call trace such as: Call trace: __ris_msmon_read+0x19c/0x64c (P) mpam_restore_mbwu_state+0xa0/0xe8 smp_call_on_cpu_callback+0x1c/0x38 process_one_work+0x154/0x4b4 worker_thread+0x188/0x310 kthread+0x11c/0x130 ret_from_fork+0x10/0x20 Provide a local variable for val to avoid __ris_msmon_read() dereferencing a null pointer when adding to val.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Apr 3, 2026
Last Updated	Apr 13, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

41e8a14950e1732af51cfec8fa09f8ded02a5ca9 < ac3e12bc195786d3d44d730b5b2259fd36191848 41e8a14950e1732af51cfec8fa09f8ded02a5ca9 < 4ad79c874e53ebb7fe3b8ae7ac6c858a2121f415

Linux / Linux

6.19

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/ac3e12bc195786d3d44d730b5b2259fd36191848 git.kernel.org: https://git.kernel.org/stable/c/4ad79c874e53ebb7fe3b8ae7ac6c858a2121f415