CVE-2026-23019 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

net: marvell: prestera: fix NULL dereference on devlink_alloc() failure

devlink_alloc() may return NULL on allocation failure, but
prestera_devlink_alloc() unconditionally calls devlink_priv() on
the returned pointer.

This leads to a NULL pointer dereference if devlink allocation fails.
Add a check for a NULL devlink pointer and return NULL early to avoid
the crash.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00024.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/325aea74be7e192b5c947c782da23b0d19a5fda2
https://git.kernel.org/stable/c/326a4b7e61d01db3507f71c8bb5e85362f607064
https://git.kernel.org/stable/c/3950054c9512add0cc79ab7e72b6d2f9f675e25b
https://git.kernel.org/stable/c/8a4333b2818f0d853b43e139936c20659366e4a0
https://git.kernel.org/stable/c/94e070cd50790317fba7787ae6006934b7edcb6f
https://git.kernel.org/stable/c/a428e0da1248c353557970848994f35fd3f005e2

History

Sat, 31 Jan 2026 11:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix NULL dereference on devlink_alloc() failure devlink_alloc() may return NULL on allocation failure, but prestera_devlink_alloc() unconditionally calls devlink_priv() on the returned pointer. This leads to a NULL pointer dereference if devlink allocation fails. Add a check for a NULL devlink pointer and return NULL early to avoid the crash.
Title		net: marvell: prestera: fix NULL dereference on devlink_alloc() failure
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/325aea74be7e192b5c947c782da23b0d19a5fda2 https://git.kernel.org/stable/c/326a4b7e61d01db3507f71c8bb5e85362f607064 https://git.kernel.org/stable/c/3950054c9512add0cc79ab7e72b6d2f9f675e25b https://git.kernel.org/stable/c/8a4333b2818f0d853b43e139936c20659366e4a0 https://git.kernel.org/stable/c/94e070cd50790317fba7787ae6006934b7edcb6f https://git.kernel.org/stable/c/a428e0da1248c353557970848994f35fd3f005e2

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-01-31T11:39:03.179Z

Updated: 2026-01-31T11:39:03.179Z

Reserved: 2026-01-13T15:37:45.940Z

Link: CVE-2026-23019

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-01-31T12:16:05.207

Modified: 2026-01-31T12:16:05.207

Link: CVE-2026-23019

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

Metrics

Affected Vendors & Products

Projects

Metrics

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object