CVE-2026-23019

Jan. 31, 2026, 12:16 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix NULL dereference on devlink_alloc() failure devlink_alloc() may return NULL on allocation failure, but prestera_devlink_alloc() unconditionally calls devlink_priv() on the returned pointer. This leads to a NULL pointer dereference if devlink allocation fails. Add a check for a NULL devlink pointer and return NULL early to avoid the crash.

Product(s) Impacted

Vendor Product Versions
Marvell
  • Prestera
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a marvell prestera / / / / / / / /

References

https://git.kernel.org/stable/c/325aea74be7e192b5c947c782da23b0d19a5fda2
https://git.kernel.org/stable/c/326a4b7e61d01db3507f71c8bb5e85362f607064
https://git.kernel.org/stable/c/3950054c9512add0cc79ab7e72b6d2f9f675e25b
https://git.kernel.org/stable/c/8a4333b2818f0d853b43e139936c20659366e4a0
https://git.kernel.org/stable/c/94e070cd50790317fba7787ae6006934b7edcb6f
https://git.kernel.org/stable/c/a428e0da1248c353557970848994f35fd3f005e2

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2026-01-31
CVE-2026-23019

Timeline

Published: Jan. 31, 2026, 12:16 p.m.
Last Modified: Jan. 31, 2026, 12:16 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.