Description
In the Linux kernel, the following vulnerability has been resolved:

Octeontx2-af: Add proper checks for fwdata

Firmware populates the MAC address, link modes (supported, advertised)
and EEPROM data in a shared firmware structure which the kernel accesses
via the MAC block (CGX/RPM).

Accessing fwdata on boards booted without a MAC block leads to
kernel panics.

Internal error: Oops: 0000000096000005 [#1] SMP
[ 10.460721] Modules linked in:
[ 10.463779] CPU: 0 UID: 0 PID: 174 Comm: kworker/0:3 Not tainted 6.19.0-rc5-00154-g76ec646abdf7-dirty #3 PREEMPT
[ 10.474045] Hardware name: Marvell OcteonTX CN98XX board (DT)
[ 10.479793] Workqueue: events work_for_cpu_fn
[ 10.484159] pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 10.491124] pc : rvu_sdp_init+0x18/0x114
[ 10.495051] lr : rvu_probe+0xe58/0x1d18
Published: 2026-02-04
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service (Kernel Panic)
Action: Apply Patch
AI Analysis

Impact

The vulnerability arises when firmware populates MAC address, link modes, and EEPROM data in a shared structure that the kernel accesses via the MAC block. If a system boots without a MAC block, the kernel still attempts to read this data, which causes an internal fault and a kernel panic. The result is a denial of service that completely halts the affected system. The weakness is missing validation of firmware data before it is accessed, which is consistent with a null pointer dereference.

Affected Systems

The issue is present in the Linux kernel for versions 6.19‑rc1 through 6.19‑rc6, particularly on hardware that uses the OcteonTX interface such as the Marvell OcteonTX CN98XX board. Any Linux installation that boots this board without an initialized MAC block is susceptible.

Risk and Exploitability

The CVSS score of 5.5 indicates a moderate severity, while the EPSS score of less than 1% shows a very low probability of exploitation in the near term. The vulnerability is not listed in the CISA KEV catalog, further suggesting it is not widely known or actively exploited. Based on the description, the likely attack vector is local physical access at boot time, where an attacker can trigger the kernel crash by deactivating or omitting the MAC block during system initialization. Exploitation requires no network connectivity and is confined to the affected system itself.

Generated by OpenCVE AI on April 16, 2026 at 06:59 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Linux kernel to a version that includes the patch for Octeontx2-af, such as 6.19.0-rc5 or later stable releases.
  • Apply the specific commit that adds proper checks for fwdata to your kernel source tree and rebuild the kernel if a newer release is not available.
  • Reconfigure your OcteonTX hardware to ensure the MAC block is present and active during boot, which prevents the kernel from accessing uninitialized firmware data.
  • Monitor kernel logs for any unexpected panics and verify that the system remains stable after the update.



Advisories

No advisories yet.

History

Wed, 25 Mar 2026 10:45:00 +0000


Wed, 18 Mar 2026 20:15:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc6:*:*:*:*:*:*
Metrics cvssV3_1

{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}


Thu, 05 Feb 2026 12:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

cvssV3_1

{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}

threat_severity

Moderate


Wed, 04 Feb 2026 16:30:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: Octeontx2-af: Add proper checks for fwdata firmware populates MAC address, link modes (supported, advertised) and EEPROM data in shared firmware structure which kernel access via MAC block(CGX/RPM). Accessing fwdata, on boards booted with out MAC block leading to kernel panics. Internal error: Oops: 0000000096000005 [#1] SMP [ 10.460721] Modules linked in: [ 10.463779] CPU: 0 UID: 0 PID: 174 Comm: kworker/0:3 Not tainted 6.19.0-rc5-00154-g76ec646abdf7-dirty #3 PREEMPT [ 10.474045] Hardware name: Marvell OcteonTX CN98XX board (DT) [ 10.479793] Workqueue: events work_for_cpu_fn [ 10.484159] pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 10.491124] pc : rvu_sdp_init+0x18/0x114 [ 10.495051] lr : rvu_probe+0xe58/0x1d18
Title Octeontx2-af: Add proper checks for fwdata
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-03-25T10:20:17.041Z

Reserved: 2026-01-13T15:37:45.955Z

Link: CVE-2026-23070

Vulnrichment

No data.

NVD

Status: Modified

Published: 2026-02-04T17:16:17.717

Modified: 2026-03-25T11:16:18.107

Link: CVE-2026-23070

Redhat

Severity: Moderate

Public Date: 2026-02-04T00:00:00Z

Links: CVE-2026-23070 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-16T07:00:11Z

Weaknesses