-

CVE-2026-22982

EPSS 0.03%
Veröffentlicht 23.01.2026 15:24:04
Zuletzt bearbeitet 26.01.2026 15:03:51
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

net: mscc: ocelot: Fix crash when adding interface under a lag

Commit 15faa1f67ab4 ("lan966x: Fix crash when adding interface under a lag")
fixed a similar issue in the lan966x driver caused by a NULL pointer dereference.
The ocelot_set_aggr_pgids() function in the ocelot driver has similar logic
and is susceptible to the same crash.

This issue specifically affects the ocelot_vsc7514.c frontend, which leaves
unused ports as NULL pointers. The felix_vsc9959.c frontend is unaffected as
it uses the DSA framework which registers all ports.

Fix this by checking if the port pointer is valid before accessing it.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 8767f238b0e6c3d0b295ac6dce9fbe6a99bd1b9d

Version 528d3f190c98c8f7d9581f68db4af021696727b2

Status affected

Version < b17818307446c5a8d925a39a792261dbfa930041

Version 528d3f190c98c8f7d9581f68db4af021696727b2

Status affected

Version < 2985712dc76dfa670eb7fd607c09d4d48e5f5c6e

Version 528d3f190c98c8f7d9581f68db4af021696727b2

Status affected

Version < 03fb1708b7d1e76aecebf767ad059c319845039f

Version 528d3f190c98c8f7d9581f68db4af021696727b2

Status affected

Version < f490af47bbee02441e356a1e0b86e3b3dd5120ff

Version 528d3f190c98c8f7d9581f68db4af021696727b2

Status affected

Version < 34f3ff52cb9fa7dbf04f5c734fcc4cb6ed5d1a95

Version 528d3f190c98c8f7d9581f68db4af021696727b2

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.12

Status affected

Version < 5.12

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.198

Status unaffected

Version <= 6.1.*

Version 6.1.161

Status unaffected

Version <= 6.6.*

Version 6.6.121

Status unaffected

Version <= 6.12.*

Version 6.12.66

Status unaffected

Version <= 6.18.*

Version 6.18.6

Status unaffected

Version <= *

Version 6.19-rc5

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.088

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/8767f238b0e6c3d0b295ac6dce9fbe6a99bd1b9d

https://git.kernel.org/stable/c/b17818307446c5a8d925a39a792261dbfa930041

https://git.kernel.org/stable/c/2985712dc76dfa670eb7fd607c09d4d48e5f5c6e

https://git.kernel.org/stable/c/03fb1708b7d1e76aecebf767ad059c319845039f

https://git.kernel.org/stable/c/f490af47bbee02441e356a1e0b86e3b3dd5120ff

https://git.kernel.org/stable/c/34f3ff52cb9fa7dbf04f5c734fcc4cb6ed5d1a95

https://nvd.nist.gov/vuln/detail/CVE-2026-22982

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-22982

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-22982

EUVD