In the Linux kernel, the following vulnerability has been resolved:

net: 3com: 3c59x: fix possible null dereference in vortex_probe1()

pdev can be null and free_ring: can be called in 1297 with a null
pdev.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00032.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Linux Linux unaffected
Version Status Constraints
55c82617c3e82210b7471e9334e8fc5df6a9961f affected < 053ac9e37eee435e999277c0f1ef890dad6064bf
55c82617c3e82210b7471e9334e8fc5df6a9961f affected < 6cff14b831dbdb32675b4c7904dcc3eeeaf47e9d
55c82617c3e82210b7471e9334e8fc5df6a9961f affected < 606872c8e8bf96066730f6a2317502c5633c37f1
55c82617c3e82210b7471e9334e8fc5df6a9961f affected < 28b2a805609699be7b90020ae7dccfb234be1ceb
55c82617c3e82210b7471e9334e8fc5df6a9961f affected < 2f05f7737e16d9a40038cc1c38a96a3f7964898b
55c82617c3e82210b7471e9334e8fc5df6a9961f affected < d82796a57cc0dac1dbef19d913c8f02a8cc7b1a7
55c82617c3e82210b7471e9334e8fc5df6a9961f affected < a4e305ed60f7c41bbf9aabc16dd75267194e0de3
d30fdc02c49ad9965bba25015ae66c22dae967d1 affected
Linux Linux affected
Version Status Constraints
4.17 affected
0 unaffected < 4.17
5.10.248 unaffected ≤ 5.10.*
5.15.198 unaffected ≤ 5.15.*
6.1.161 unaffected ≤ 6.1.*
6.6.121 unaffected ≤ 6.6.*
6.12.66 unaffected ≤ 6.12.*
6.18.6 unaffected ≤ 6.18.*
6.19 unaffected ≤ *

No data.

No data.

No data.

Project Subscriptions

Vendors Products
Linux Subscribe
Linux Kernel Subscribe
Advisories
Source ID Title
Debian DLA Debian DLA DLA-4475-1 linux security update
Debian DLA Debian DLA DLA-4476-1 linux-6.1 security update
Debian DSA Debian DSA DSA-6126-1 linux security update
Debian DSA Debian DSA DSA-6127-1 linux security update
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://git.kernel.org/stable/c/053ac9e37eee435e999277c0f1ef890dad6064bf cve-icon cve-icon
https://git.kernel.org/stable/c/28b2a805609699be7b90020ae7dccfb234be1ceb cve-icon cve-icon
https://git.kernel.org/stable/c/2f05f7737e16d9a40038cc1c38a96a3f7964898b cve-icon cve-icon
https://git.kernel.org/stable/c/606872c8e8bf96066730f6a2317502c5633c37f1 cve-icon cve-icon
https://git.kernel.org/stable/c/6cff14b831dbdb32675b4c7904dcc3eeeaf47e9d cve-icon cve-icon
https://git.kernel.org/stable/c/a4e305ed60f7c41bbf9aabc16dd75267194e0de3 cve-icon cve-icon
https://git.kernel.org/stable/c/d82796a57cc0dac1dbef19d913c8f02a8cc7b1a7 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026013136-CVE-2026-23020-07c3@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-23020 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-23020 cve-icon
History

Mon, 02 Feb 2026 12:15:00 +0000

Type Values Removed Values Added
References

Sat, 31 Jan 2026 11:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: net: 3com: 3c59x: fix possible null dereference in vortex_probe1() pdev can be null and free_ring: can be called in 1297 with a null pdev.
Title net: 3com: 3c59x: fix possible null dereference in vortex_probe1()
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-02-09T08:37:13.897Z

Reserved: 2026-01-13T15:37:45.941Z

Link: CVE-2026-23020

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-01-31T12:16:05.310

Modified: 2026-02-03T16:44:36.630

Link: CVE-2026-23020

cve-icon Redhat

Severity :

Publid Date: 2026-01-31T00:00:00Z

Links: CVE-2026-23020 - Bugzilla

cve-icon OpenCVE Enrichment

No data.

Weaknesses

No weakness.