CVE-2026-23309

tracing: Add NULL pointer check to trigger_data_free()

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: tracing: Add NULL pointer check to trigger_data_free() If trigger_data_alloc() fails and returns NULL, event_hist_trigger_parse()
jumps to the out_free error path. While kfree() safely handles a NULL
pointer, trigger_data_free() does not. This causes a NULL pointer
dereference in trigger_data_free() when evaluating
data->cmd_ops->set_filter. Fix the problem by adding a NULL pointer check to trigger_data_free(). The problem was found by an experimental code review agent based on
gemini-3.1-pro while reviewing backports into v6.18.y.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2026-01-13 CVE Reserved
2026-03-25 CVE Published
2026-03-25 CVE Updated
2026-03-31 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (12)

URL	Tag	Source
https://git.kernel.org/stable/c/c10f0efe57728508d796ae4ba7abe4c14ec3d8ef	Vuln. Introduced
https://git.kernel.org/stable/c/7e6556e9329bc484e9dcdab6e346d959267c0636	Vuln. Introduced
https://git.kernel.org/stable/c/9b0513905e0598b9f8cfccab8e47497aed5d935d	Vuln. Introduced
https://git.kernel.org/stable/c/335dfe4bc6368e70e8c15419375cf609c4f85558	Vuln. Introduced
https://git.kernel.org/stable/c/e42efbe9754da78eafe11f6bd3ca9c8a094a752a	Vuln. Introduced
https://git.kernel.org/stable/c/0550069cc25f513ce1f109c88f7c1f01d63297db	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/13dcd9269e225e4c4ceabdaeebe2ce4661b54c6e	2026-03-25
https://git.kernel.org/stable/c/59c15b9cc453b74beb9f04c6c398717e73612dc3	2026-03-25
https://git.kernel.org/stable/c/42b380f97d65e76e7b310facd525f730272daf57	2026-03-13
https://git.kernel.org/stable/c/2ce8ece5a78da67834db7728edc801889a64f643	2026-03-12
https://git.kernel.org/stable/c/477469223b2b840f436ce204333de87cb17e5d93	2026-03-12
https://git.kernel.org/stable/c/457965c13f0837a289c9164b842d0860133f6274	2026-03-06

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.1.165 < 6.1.167 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1.165 < 6.1.167"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.6.128 < 6.6.130 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6.128 < 6.6.130"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.12.75 < 6.12.77 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.12.75 < 6.12.77"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.18.14 < 6.18.17 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.18.14 < 6.18.17"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.19.4 < 6.19.7 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.19.4 < 6.19.7"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 7.0-rc1 < 7.0-rc3 Search vendor "Linux" for product "Linux Kernel" and version " >= 7.0-rc1 < 7.0-rc3"		en		Affected