CVE-2026-23006

MEDIUM

Linux Kernel - Null Pointer

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: tlv320adcx140: fix null pointer The "snd_soc_component" in "adcx140_priv" was only used once but never set. It was only used for reaching "dev" which is already present in "adcx140_priv".

References (5)

[Patch] https://git.kernel.org/stable/c/53bd838ed5950cb18927e4b2e8ee841b7cb10929

[Patch] https://git.kernel.org/stable/c/61757f5191daab863d25f03680e912b5449a1eed

[Patch] https://git.kernel.org/stable/c/659939d08e5f7bc17b941c53e8c9c0a6c6113b21

[Patch] https://git.kernel.org/stable/c/954260a32c21d5072d8e7253c0a8b1627927cb02

[Patch] https://git.kernel.org/stable/c/be7664c81d3129fc313ef62ff275fd3d33cfecd4

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 0.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-476

Status published

Products (7)

linux/Kernel 6.1.0 - 6.1.162linux

linux/Kernel 6.13.0 - 6.18.7linux

linux/Kernel 6.2.0 - 6.6.122linux

linux/Kernel 6.7.0 - 6.12.67linux

linux/linux_kernel 6.1

linux/linux_kernel 6.19 rc1 (8 CPE variants)

linux/linux_kernel 6.1.1 - 6.1.162

Published Jan 25, 2026

Tracked Since Feb 18, 2026