PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-23242 Linux CVE debrief

CVE-2026-23242 is a Linux kernel denial-of-service issue in RDMA/siw header processing. NVD rates it HIGH (CVSS 7.5) and the supplied kernel fix notes say a NULL pointer dereference can occur when siw_get_hdr() returns -EINVAL before set_rx_fpdu_context(), leaving qp->rx_fpdu unset and then dereferenced in siw_tcp_rx_data(). The result is a kernel crash rather than a confidentiality or integrity issue.

Vendor
Linux
Product
Unknown
CVSS
HIGH 7.5
CISA KEV
Not listed in stored evidence
Original CVE published
2026-03-18
Original CVE updated
2026-05-21
Advisory published
2026-03-18
Advisory updated
2026-05-21

Who should care

Linux kernel maintainers, distribution security teams, and operators running kernels with RDMA/siw enabled should prioritize this advisory. Hosts that use or expose the affected RDMA path have the most practical risk because the flaw can crash the kernel remotely without authentication.

Technical summary

The bug is a NULL pointer dereference in the RDMA/siw receive path. According to the supplied description, if siw_get_hdr() fails early with -EINVAL before set_rx_fpdu_context() runs, qp->rx_fpdu can remain NULL. The error path in siw_tcp_rx_data() then accesses qp->rx_fpdu->more_ddp_segs without first checking that rx_fpdu exists. The included KASAN trace shows a null-ptr-deref in siw_tcp_rx_data+0x13ad/0x1e50. NVD maps the issue to CWE-476 and lists affected Linux kernel ranges including versions before 5.10.252, 5.15.202, 6.1.165, 6.6.128, 6.12.75, 6.18.14, and 6.19.4, plus the 5.3 line entry shown in the record.

Defensive priority

High for environments that run the affected kernel branches and use RDMA/siw. The network attack vector, lack of required privileges, and kernel-crash impact make this a meaningful availability risk even though the issue is not reported as code execution.

Recommended defensive actions

  • Apply the vendor or stable-kernel updates that correspond to the fixed commits referenced by NVD.
  • Inventory which systems actually use RDMA/siw so you can prioritize the hosts where this path is reachable.
  • Treat internet-facing or production systems on the affected kernel ranges as higher priority for remediation.
  • After patching, verify rebooted kernels are on a fixed release and monitor for unexpected oops or crash events during validation.
  • Use the official CVE and NVD records plus the listed stable-kernel patch references to track downstream distribution backports.

Evidence notes

The supplied official data shows CVE-2026-23242 was published on 2026-03-18 and last modified on 2026-05-21. NVD marks the record as Analyzed, assigns CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, and identifies CWE-476. The kernel description states that siw_tcp_rx_data() can dereference qp->rx_fpdu->more_ddp_segs after siw_get_hdr() fails before set_rx_fpdu_context(), and the KASAN splat confirms a null-ptr-deref in siw_tcp_rx_data. NVD also includes multiple stable-kernel patch references for remediation.

Official resources

Publicly published in the official CVE/NVD record on 2026-03-18, with the record last modified on 2026-05-21. No CISA KEV entry is provided in the supplied enrichment.