atm: lec: fix null-ptr-deref in lec_arp_clear_vccs — CVE-2026-23286

Summary

Advisory CVE-2026-23286. atm: lec: fix null-ptr-deref in lec_arp_clear_vccs Vendor: Microsoft. Source: MSRC. Threat: medium. CVSS 5.5. See the official advisory for details.

What to do

General, cautious steps (verify details in the official source):

• Review exposure and plan remediation based on risk and environment.
• Identify affected product versions in your inventory and verify whether you are impacted.
• Apply vendor patches/updates or recommended mitigations as soon as available.
• Read the official advisory for exact affected versions and remediation steps.

Official advisory

Read the official source

Related advisories

• FRRouting FRR EVPN Type-2 Route bgp_evpn.c process_type2_route access control CVE-2026-5107
• Mariner CVE-2026-21717
• Mariner CVE-2026-21714
• Mariner CVE-2026-21713
• Mariner CVE-2026-21711
• Serialize JavaScript has CPU Exhaustion Denial of Service via crafted array-like objects CVE-2026-34043
• brace-expansion: Zero-step sequence causes process hang and memory exhaustion CVE-2026-33750
• Handlebars.js has Prototype Pollution Leading to XSS through Partial Template Injection CVE-2026-33916
• Libssh: buffer underflow in ssh_get_hexa() on invalid input CVE-2026-0966
• Libssh: improper sanitation of paths received from scp servers CVE-2026-0964
• Mariner CVE-2026-21712
• Mariner CVE-2026-34353