CVE-2026-31559

5.5 MEDIUM

Published: April 24, 2026 Modified: April 27, 2026

Description

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix missing NULL checks for kstrdup() 1. Replace "of_find_node_by_path("/")" with "of_root" to avoid multiple calls to "of_node_put()". 2. Fix a potential kernel oops during early boot when memory allocation fails while parsing CPU model from device tree.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://git.kernel.org/stable/c/3a28daa9b7d7c2ddf2c722e9e95d7e0928bf0cd1

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/5e7fde2c551f86e6c3de3fd7a9b1f52806ac8db0

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/a1da957c25cf751a2dce8fb7777f82ccbac0cb3e

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/b61a309743322fb57fb9afa9aa3495ac758e4f5e

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

4 reference(s) from NVD

Quick Stats

CVSS v3 Score

5.5 / 10.0

EPSS (Exploit Probability)

0.0%

2th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-476

Affected Vendors

linux

Related CVEs

CVE-2026-7779 4.3

CVE-2026-42238 N/A

CVE-2026-42223 6.5

CVE-2026-42222 8.1

CVE-2026-42221 8.1