CVE-2026-31736

MEDIUM EPSS 2.3%
Published May 1, 20262mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published May 1, 2026 2mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_ppe: avoid NULL deref when gmac0 is disabled If the gmac0 is disabled, the precheck for a valid ingress device will cause a NULL pointer deref and crash the system. This happens because eth->netdev[0] will be NULL but the code will directly try to access netdev_ops. Instead of just checking for the first net_device, it must be checked if any of the mtk_eth net_devices is matching the netdev_ops of the ingress device.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 9

VendorProductVersionRange
linuxlinux_kernel*≥6.11  –  <6.12.81
linuxlinux_kernel*≥6.13  –  <6.18.22
linuxlinux_kernel*≥6.19  –  <6.19.12
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any

References 4

  • git.kernel.org https://git.kernel.org/stable/c/0b832aad33e6f160fda310f0306a6483d85e9d6e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5dff799c677152dde963c3917bacd9127b03e145
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7b2380f0a0e374010c1a4a13203511b9dee5b166
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/976ff48c2ac6e6b25b01428c9d7997bcd0fb2949
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/0b832aad33e6f160fda310f0306a6483d85e9d6e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5dff799c677152dde963c3917bacd9127b03e145
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7b2380f0a0e374010c1a4a13203511b9dee5b166
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/976ff48c2ac6e6b25b01428c9d7997bcd0fb2949
    Patch