{ "affected": [ { "ranges": [ { "events": [ { "introduced": "c10f0efe57728508d796ae4ba7abe4c14ec3d8ef" }, { "fixed": "13dcd9269e225e4c4ceabdaeebe2ce4661b54c6e" } ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "type": "GIT" }, { "events": [ { "introduced": "7e6556e9329bc484e9dcdab6e346d959267c0636" }, { "fixed": "59c15b9cc453b74beb9f04c6c398717e73612dc3" } ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "type": "GIT" }, { "events": [ { "introduced": "9b0513905e0598b9f8cfccab8e47497aed5d935d" }, { "fixed": "42b380f97d65e76e7b310facd525f730272daf57" } ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "type": "GIT" }, { "events": [ { "introduced": "335dfe4bc6368e70e8c15419375cf609c4f85558" }, { "fixed": "2ce8ece5a78da67834db7728edc801889a64f643" } ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "type": "GIT" }, { "events": [ { "introduced": "e42efbe9754da78eafe11f6bd3ca9c8a094a752a" }, { "fixed": "477469223b2b840f436ce204333de87cb17e5d93" } ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "type": "GIT" }, { "events": [ { "introduced": "0550069cc25f513ce1f109c88f7c1f01d63297db" }, { "fixed": "457965c13f0837a289c9164b842d0860133f6274" } ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "type": "GIT" } ] }, { "package": { "ecosystem": "Linux", "name": "Kernel" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "6.1.167" } ], "type": "ECOSYSTEM" }, { "events": [ { "introduced": "6.2.0" }, { "fixed": "6.6.130" } ], "type": "ECOSYSTEM" }, { "events": [ { "introduced": "6.7.0" }, { "fixed": "6.12.77" } ], "type": "ECOSYSTEM" }, { "events": [ { "introduced": "6.13.0" }, { "fixed": "6.18.17" } ], "type": "ECOSYSTEM" }, { "events": [ { "introduced": "6.19.0" }, { "fixed": "6.19.7" } ], "type": "ECOSYSTEM" } ] } ], "database_specific": { "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23309.json" }, "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Add NULL pointer check to trigger_data_free()\n\nIf trigger_data_alloc() fails and returns NULL, event_hist_trigger_parse()\njumps to the out_free error path. While kfree() safely handles a NULL\npointer, trigger_data_free() does not. This causes a NULL pointer\ndereference in trigger_data_free() when evaluating\ndata-\u003ecmd_ops-\u003eset_filter.\n\nFix the problem by adding a NULL pointer check to trigger_data_free().\n\nThe problem was found by an experimental code review agent based on\ngemini-3.1-pro while reviewing backports into v6.18.y.", "id": "CVE-2026-23309", "modified": "2026-04-01T23:07:56.440924987Z", "published": "2026-03-25T10:27:04.828Z", "references": [ { "type": "PACKAGE", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/13dcd9269e225e4c4ceabdaeebe2ce4661b54c6e" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/2ce8ece5a78da67834db7728edc801889a64f643" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/42b380f97d65e76e7b310facd525f730272daf57" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/457965c13f0837a289c9164b842d0860133f6274" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/477469223b2b840f436ce204333de87cb17e5d93" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/59c15b9cc453b74beb9f04c6c398717e73612dc3" }, { "type": "ADVISORY", "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23309.json" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23309" } ], "schema_version": "1.7.3", "summary": "tracing: Add NULL pointer check to trigger_data_free()" }