CVE-2026-23070

Published: Feb 4, 2026

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: Octeontx2-af: Add proper checks for fwdata firmware populates MAC address, link modes (supported, advertised) and EEPROM data in shared firmware structure which kernel access via MAC block(CGX/RPM). Accessing fwdata, on boards booted with out MAC block leading to kernel panics. Internal error: Oops: 0000000096000005 [#1] SMP [ 10.460721] Modules linked in: [ 10.463779] CPU: 0 UID: 0 PID: 174 Comm: kworker/0:3 Not tainted 6.19.0-rc5-00154-g76ec646abdf7-dirty #3 PREEMPT [ 10.474045] Hardware name: Marvell OcteonTX CN98XX board (DT) [ 10.479793] Workqueue: events work_for_cpu_fn [ 10.484159] pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 10.491124] pc : rvu_sdp_init+0x18/0x114 [ 10.495051] lr : rvu_probe+0xe58/0x1d18

Vendor	Product	Versions
Linux	Linux	affected `997814491cee7b19c162ad82439818e555f99ad9 - < 079050a23de6b7505595e4af75b36c34f0e9627e` affected `997814491cee7b19c162ad82439818e555f99ad9 - < e343973fab43c266a40e4e0dabdc4216db6d5eff` affected `997814491cee7b19c162ad82439818e555f99ad9 - < 4a3dba48188208e4f66822800e042686784d29d1`
Linux	Linux	affected `6.9` unaffected `0 - < 6.9` unaffected `6.12.78 - <= 6.12.` unaffected `6.18.8 - <= 6.18.` unaffected `6.19 - <= *`

References

https://git.kernel.org/stable/c/079050a23de6b7505595e4af75b36c34f0e9627e

https://git.kernel.org/stable/c/e343973fab43c266a40e4e0dabdc4216db6d5eff

https://git.kernel.org/stable/c/4a3dba48188208e4f66822800e042686784d29d1

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-23070

Description

Affected Products

References