{"id":"CVE-2026-23237","summary":"platform/x86: classmate-laptop: Add missing NULL pointer checks","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: classmate-laptop: Add missing NULL pointer checks\n\nIn a few places in the Classmate laptop driver, code using the accel\nobject may run before that object's address is stored in the driver\ndata of the input device using it.\n\nFor example, cmpc_accel_sensitivity_store_v4() is the \"show\" method\nof cmpc_accel_sensitivity_attr_v4 which is added in cmpc_accel_add_v4(),\nbefore calling dev_set_drvdata() for inputdev-\u003edev.  If the sysfs\nattribute is accessed prematurely, the dev_get_drvdata(&inputdev-\u003edev)\ncall in in cmpc_accel_sensitivity_store_v4() returns NULL which\nleads to a NULL pointer dereference going forward.\n\nMoreover, sysfs attributes using the input device are added before\ninitializing that device by cmpc_add_acpi_notify_device() and if one\nof them is accessed before running that function, a NULL pointer\ndereference will occur.\n\nFor example, cmpc_accel_sensitivity_attr_v4 is added before calling\ncmpc_add_acpi_notify_device() and if it is read prematurely, the\ndev_get_drvdata(&acpi-\u003edev) call in cmpc_accel_sensitivity_show_v4()\nreturns NULL which leads to a NULL pointer dereference going forward.\n\nFix this by adding NULL pointer checks in all of the relevant places.","modified":"2026-04-02T13:12:16.892456Z","published":"2026-03-04T14:38:41.815Z","database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23237.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/97528b1622b8f129574d29a571c32a3c85eafa3c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/993708fc18d0d0919db438361b4e8c1f980a8d1b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9cf4b9b8ad09d6e05307abc4e951cabdff4be652"},{"type":"WEB","url":"https://git.kernel.org/stable/c/af673209d43b46257540997aba042b90ef3258c0"},{"type":"WEB","url":"https://git.kernel.org/stable/c/da6e06a5fdbabea3870d18c227734b5dea5b3be6"},{"type":"WEB","url":"https://git.kernel.org/stable/c/eb214804f03c829decf10998e9b7dd26f4c8ab9e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/fe747d7112283f47169e9c16e751179a9b38611e"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23237.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23237"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"529aa8cb0a59367d08883f818e8c47028e819d0d"},{"fixed":"993708fc18d0d0919db438361b4e8c1f980a8d1b"},{"fixed":"af673209d43b46257540997aba042b90ef3258c0"},{"fixed":"eb214804f03c829decf10998e9b7dd26f4c8ab9e"},{"fixed":"9cf4b9b8ad09d6e05307abc4e951cabdff4be652"},{"fixed":"da6e06a5fdbabea3870d18c227734b5dea5b3be6"},{"fixed":"97528b1622b8f129574d29a571c32a3c85eafa3c"},{"fixed":"fe747d7112283f47169e9c16e751179a9b38611e"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23237.json"}}],"schema_version":"1.7.5"}