Home

Description

In the Linux kernel, the following vulnerability has been resolved: Octeontx2-af: Add proper checks for fwdata firmware populates MAC address, link modes (supported, advertised) and EEPROM data in shared firmware structure which kernel access via MAC block(CGX/RPM). Accessing fwdata, on boards booted with out MAC block leading to kernel panics. Internal error: Oops: 0000000096000005 [#1] SMP [ 10.460721] Modules linked in: [ 10.463779] CPU: 0 UID: 0 PID: 174 Comm: kworker/0:3 Not tainted 6.19.0-rc5-00154-g76ec646abdf7-dirty #3 PREEMPT [ 10.474045] Hardware name: Marvell OcteonTX CN98XX board (DT) [ 10.479793] Workqueue: events work_for_cpu_fn [ 10.484159] pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 10.491124] pc : rvu_sdp_init+0x18/0x114 [ 10.495051] lr : rvu_probe+0xe58/0x1d18

PUBLISHED Reserved 2026-01-13 | Published 2026-02-04 | Updated 2026-02-09 | Assigner Linux

Product status

Default status
unaffected

997814491cee7b19c162ad82439818e555f99ad9 (git) before e343973fab43c266a40e4e0dabdc4216db6d5eff
affected

997814491cee7b19c162ad82439818e555f99ad9 (git) before 4a3dba48188208e4f66822800e042686784d29d1
affected

Default status
affected

6.9
affected

Any version before 6.9
unaffected

6.18.8 (semver)
unaffected

6.19 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/e343973fab43c266a40e4e0dabdc4216db6d5eff

git.kernel.org/...c/4a3dba48188208e4f66822800e042686784d29d1

cve.org (CVE-2026-23070)

nvd.nist.gov (CVE-2026-23070)

Download JSON