VDB

CVE-2026-31646

CVE-2026-31646 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix page_pool error handling in lan966x_fdma_rx_alloc_page_pool() page_pool_create() can return an ERR_PTR on failure. The return value is used unconditionally in the loop that follows, passing the error pointer through xdp_rxq_info_reg_mem_model() into page_pool_use_xdp_mem(), which dereferences it, causing a kernel oops. Add an IS_ERR check after page_pool_create() to return early on failure.

EPSS 0.02% · 3.3th percentile

Risk Scores

EPSS Score
0.02%
3.3th percentile

Affected Products

VendorProductVersions
linuxlinux_kernel6.2, 6.2, 6.2
LinuxLinux11871aba19748b3387e83a2db6360aa7119e9a1a, 11871aba19748b3387e83a2db6360aa7119e9a1a, 6.2

Timeline

  • Apr 24, 2026 CVE Published
  • Apr 24, 2026 Security Advisory
  • Apr 27, 2026 Security Advisory
  • Apr 27, 2026 CVE Updated
  • May 18, 2026 EPSS Score
  • May 19, 2026 EPSS Score
  • May 20, 2026 EPSS Score
  • May 21, 2026 EPSS Score
  • May 22, 2026 EPSS Score
  • May 23, 2026 EPSS Score
  • May 24, 2026 EPSS Score
  • May 25, 2026 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›