5.5

CVE-2026-31646

net: lan966x: fix page_pool error handling in lan966x_fdma_rx_alloc_page_pool()

In the Linux kernel, the following vulnerability has been resolved:

net: lan966x: fix page_pool error handling in lan966x_fdma_rx_alloc_page_pool()

page_pool_create() can return an ERR_PTR on failure. The return value
is used unconditionally in the loop that follows, passing the error
pointer through xdp_rxq_info_reg_mem_model() into page_pool_use_xdp_mem(),
which dereferences it, causing a kernel oops.

Add an IS_ERR check after page_pool_create() to return early on failure.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.2.1 < 6.6.135
LinuxLinux Kernel Version >= 6.7 < 6.12.82
LinuxLinux Kernel Version >= 6.13 < 6.18.23
LinuxLinux Kernel Version >= 6.19 < 6.19.13
LinuxLinux Kernel Version6.2 Update-
LinuxLinux Kernel Version7.0 Updaterc1
LinuxLinux Kernel Version7.0 Updaterc2
LinuxLinux Kernel Version7.0 Updaterc3
LinuxLinux Kernel Version7.0 Updaterc4
LinuxLinux Kernel Version7.0 Updaterc5
LinuxLinux Kernel Version7.0 Updaterc6
LinuxLinux Kernel Version7.0 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.12% 0.023
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/e63265f188ea39dcf5f546770650027528f3bd0f
Patch
https://git.kernel.org/stable/c/305832c53551cfbe6e5b81ca7ee765e60f4fe8e9
Patch
https://git.kernel.org/stable/c/b5dcb41ba891b55157006cac79825c78a32b409e
Patch
https://git.kernel.org/stable/c/7caf90d9ab97951a58d1de85ab7e7d7cca7a4513
Patch
https://git.kernel.org/stable/c/3fd0da4fd8851a7e62d009b7db6c4a05b092bc19
Patch