{
  "affected": [
    {
      "ranges": [
        {
          "events": [
            {
              "introduced": "529aa8cb0a59367d08883f818e8c47028e819d0d"
            },
            {
              "fixed": "993708fc18d0d0919db438361b4e8c1f980a8d1b"
            },
            {
              "fixed": "af673209d43b46257540997aba042b90ef3258c0"
            },
            {
              "fixed": "eb214804f03c829decf10998e9b7dd26f4c8ab9e"
            },
            {
              "fixed": "9cf4b9b8ad09d6e05307abc4e951cabdff4be652"
            },
            {
              "fixed": "da6e06a5fdbabea3870d18c227734b5dea5b3be6"
            },
            {
              "fixed": "97528b1622b8f129574d29a571c32a3c85eafa3c"
            },
            {
              "fixed": "fe747d7112283f47169e9c16e751179a9b38611e"
            }
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "type": "GIT"
        }
      ]
    }
  ],
  "database_specific": {
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23237.json"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: classmate-laptop: Add missing NULL pointer checks\n\nIn a few places in the Classmate laptop driver, code using the accel\nobject may run before that object's address is stored in the driver\ndata of the input device using it.\n\nFor example, cmpc_accel_sensitivity_store_v4() is the \"show\" method\nof cmpc_accel_sensitivity_attr_v4 which is added in cmpc_accel_add_v4(),\nbefore calling dev_set_drvdata() for inputdev-\u003edev.  If the sysfs\nattribute is accessed prematurely, the dev_get_drvdata(\u0026inputdev-\u003edev)\ncall in in cmpc_accel_sensitivity_store_v4() returns NULL which\nleads to a NULL pointer dereference going forward.\n\nMoreover, sysfs attributes using the input device are added before\ninitializing that device by cmpc_add_acpi_notify_device() and if one\nof them is accessed before running that function, a NULL pointer\ndereference will occur.\n\nFor example, cmpc_accel_sensitivity_attr_v4 is added before calling\ncmpc_add_acpi_notify_device() and if it is read prematurely, the\ndev_get_drvdata(\u0026acpi-\u003edev) call in cmpc_accel_sensitivity_show_v4()\nreturns NULL which leads to a NULL pointer dereference going forward.\n\nFix this by adding NULL pointer checks in all of the relevant places.",
  "id": "CVE-2026-23237",
  "modified": "2026-04-01T23:09:14.823138420Z",
  "published": "2026-03-04T14:38:41.815Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/97528b1622b8f129574d29a571c32a3c85eafa3c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/993708fc18d0d0919db438361b4e8c1f980a8d1b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9cf4b9b8ad09d6e05307abc4e951cabdff4be652"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/af673209d43b46257540997aba042b90ef3258c0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/da6e06a5fdbabea3870d18c227734b5dea5b3be6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/eb214804f03c829decf10998e9b7dd26f4c8ab9e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fe747d7112283f47169e9c16e751179a9b38611e"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23237.json"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23237"
    },
    {
      "type": "PACKAGE",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"
    }
  ],
  "schema_version": "1.7.3",
  "summary": "platform/x86: classmate-laptop: Add missing NULL pointer checks"
}