SB2026030461 - NULL pointer dereference in Linux kernel platform x86 driver
Published: March 4, 2026
Security Bulletin ID
SB2026030461
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2026-23237)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cmpc_accel_sensitivity_show_v4(), cmpc_accel_sensitivity_store_v4(), cmpc_accel_g_select_show_v4(), cmpc_accel_g_select_store_v4(), cmpc_accel_open_v4(), cmpc_accel_sensitivity_show() and cmpc_accel_sensitivity_store() functions in drivers/platform/x86/classmate-laptop.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/97528b1622b8f129574d29a571c32a3c85eafa3c
- https://git.kernel.org/stable/c/993708fc18d0d0919db438361b4e8c1f980a8d1b
- https://git.kernel.org/stable/c/9cf4b9b8ad09d6e05307abc4e951cabdff4be652
- https://git.kernel.org/stable/c/af673209d43b46257540997aba042b90ef3258c0
- https://git.kernel.org/stable/c/da6e06a5fdbabea3870d18c227734b5dea5b3be6
- https://git.kernel.org/stable/c/eb214804f03c829decf10998e9b7dd26f4c8ab9e
- https://git.kernel.org/stable/c/fe747d7112283f47169e9c16e751179a9b38611e