CVE-2026-31559

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

5.5 / 10

Vector String

                                        CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H                                    

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved:

LoongArch: Fix missing NULL checks for kstrdup()

1. Replace "of_find_node_by_path("/")" with "of_root" to avoid multiple
calls to "of_node_put()".

2. Fix a potential kernel oops during early boot when memory allocation
fails while parsing CPU model from device tree.

Vulnerability Details

Published Date

April 24, 2026

Last Modified

April 27, 2026

CWE ID

CWE-476

Source

NVD

Vendor

Linux

Product

Linux

External References

https://git.kernel.org/stable/c/3a28daa9b7d7c2ddf2c722e9e95d7e0928bf0cd1
https://git.kernel.org/stable/c/5e7fde2c551f86e6c3de3fd7a9b1f52806ac8db0
https://git.kernel.org/stable/c/a1da957c25cf751a2dce8fb7777f82ccbac0cb3e
https://git.kernel.org/stable/c/b61a309743322fb57fb9afa9aa3495ac758e4f5e

CVE-2026-31559

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment