5.5
CVE-2026-43094
- EPSS 0.12%
- Veröffentlicht 06.05.2026 07:40:25
- Zuletzt bearbeitet 01.06.2026 17:17:03
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
ixgbevf: add missing negotiate_features op to Hyper-V ops table
In the Linux kernel, the following vulnerability has been resolved:
ixgbevf: add missing negotiate_features op to Hyper-V ops table
Commit a7075f501bd3 ("ixgbevf: fix mailbox API compatibility by
negotiating supported features") added the .negotiate_features callback
to ixgbe_mac_operations and populated it in ixgbevf_mac_ops, but forgot
to add it to ixgbevf_hv_mac_ops. This leaves the function pointer NULL
on Hyper-V VMs.
During probe, ixgbevf_negotiate_api() calls ixgbevf_set_features(),
which unconditionally dereferences hw->mac.ops.negotiate_features().
On Hyper-V this results in a NULL pointer dereference:
BUG: kernel NULL pointer dereference, address: 0000000000000000
[...]
Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine [...]
Workqueue: events work_for_cpu_fn
RIP: 0010:0x0
[...]
Call Trace:
ixgbevf_negotiate_api+0x66/0x160 [ixgbevf]
ixgbevf_sw_init+0xe4/0x1f0 [ixgbevf]
ixgbevf_probe+0x20f/0x4a0 [ixgbevf]
local_pci_probe+0x50/0xa0
work_for_cpu_fn+0x1a/0x30
[...]
Add ixgbevf_hv_negotiate_features_vf() that returns -EOPNOTSUPP and
wire it into ixgbevf_hv_mac_ops. The caller already handles -EOPNOTSUPP
gracefully.Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.1.158 < 6.2
Linux ≫ Linux Kernel Version >= 6.6.114 < 6.6.136
Linux ≫ Linux Kernel Version >= 6.12.55 < 6.12.83
Linux ≫ Linux Kernel Version >= 6.17.5 < 6.18
Linux ≫ Linux Kernel Version >= 6.18.1 < 6.18.24
Linux ≫ Linux Kernel Version >= 6.19 < 6.19.14
Linux ≫ Linux Kernel Version6.18 Update-
Linux ≫ Linux Kernel Version6.18 Updaterc2
Linux ≫ Linux Kernel Version6.18 Updaterc3
Linux ≫ Linux Kernel Version6.18 Updaterc4
Linux ≫ Linux Kernel Version6.18 Updaterc5
Linux ≫ Linux Kernel Version6.18 Updaterc6
Linux ≫ Linux Kernel Version6.18 Updaterc7
Linux ≫ Linux Kernel Version7.0 Updaterc1
Linux ≫ Linux Kernel Version7.0 Updaterc2
Linux ≫ Linux Kernel Version7.0 Updaterc3
Linux ≫ Linux Kernel Version7.0 Updaterc4
Linux ≫ Linux Kernel Version7.0 Updaterc5
Linux ≫ Linux Kernel Version7.0 Updaterc6
Linux ≫ Linux Kernel Version7.0 Updaterc7
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.12% | 0.023 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/d8a747057a17ffc79e31df1abb11d05e1669d8e5
https://git.kernel.org/stable/c/2270ebab53128fb73c4a70a292be09094074737f
https://git.kernel.org/stable/c/4db7b61ec1d1b2b67c0881b62fc4f9583bc21484
https://git.kernel.org/stable/c/1455ff8809843e6e83f1f5b5c0bcc2224c99a3cb
https://git.kernel.org/stable/c/4821d563cd7f251ae728be1a6d04af82a294a5b9
https://git.kernel.org/stable/c/376d74ea03589914fbe2dedcbebf418396c04fd0