{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T06:04:57.766","vulnerabilities":[{"cve":{"id":"CVE-2026-23433","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-04-03T16:16:24.777","lastModified":"2026-04-07T13:21:09.600","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\narm_mpam: Fix null pointer dereference when restoring bandwidth counters\n\nWhen an MSC supporting memory bandwidth monitoring is brought offline and\nthen online, mpam_restore_mbwu_state() calls __ris_msmon_read() via ipi to\nrestore the configuration of the bandwidth counters. It doesn't care about\nthe value read, mbwu_arg.val, and doesn't set it leading to a null pointer\ndereference when __ris_msmon_read() adds to it. This results in a kernel\noops with a call trace such as:\n\nCall trace:\n__ris_msmon_read+0x19c/0x64c (P)\nmpam_restore_mbwu_state+0xa0/0xe8\nsmp_call_on_cpu_callback+0x1c/0x38\nprocess_one_work+0x154/0x4b4\nworker_thread+0x188/0x310\nkthread+0x11c/0x130\nret_from_fork+0x10/0x20\n\nProvide a local variable for val to avoid __ris_msmon_read() dereferencing\na null pointer when adding to val."}],"metrics":{},"references":[{"url":"https://git.kernel.org/stable/c/4ad79c874e53ebb7fe3b8ae7ac6c858a2121f415","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/ac3e12bc195786d3d44d730b5b2259fd36191848","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"}]}}]}