{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-31559", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-03-09T15:48:24.116Z", "datePublished": "2026-04-24T14:35:41.961Z", "dateUpdated": "2026-05-11T22:11:07.676Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T22:11:07.676Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: Fix missing NULL checks for kstrdup()\n\n1. Replace \"of_find_node_by_path(\"/\")\" with \"of_root\" to avoid multiple\ncalls to \"of_node_put()\".\n\n2. Fix a potential kernel oops during early boot when memory allocation\nfails while parsing CPU model from device tree."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/loongarch/kernel/env.c"], "versions": [{"version": "facc69f43502c135c16b97d5ded7253f15597912", "lessThan": "5e7fde2c551f86e6c3de3fd7a9b1f52806ac8db0", "status": "affected", "versionType": "git"}, {"version": "70a2365e18affc5ebdaab1ca6a0b3c4f3aac2ee8", "lessThan": "a1da957c25cf751a2dce8fb7777f82ccbac0cb3e", "status": "affected", "versionType": "git"}, {"version": "70a2365e18affc5ebdaab1ca6a0b3c4f3aac2ee8", "lessThan": "b61a309743322fb57fb9afa9aa3495ac758e4f5e", "status": "affected", "versionType": "git"}, {"version": "70a2365e18affc5ebdaab1ca6a0b3c4f3aac2ee8", "lessThan": "3a28daa9b7d7c2ddf2c722e9e95d7e0928bf0cd1", "status": "affected", "versionType": "git"}, {"version": "620805dc674eab3055543496a7ef25beb9ffd2a8", "status": "affected", "versionType": "git"}, {"version": "8dfeedf9eceadc1a2fc9066b4c5230690d1cad48", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/loongarch/kernel/env.c"], "versions": [{"version": "6.17", "status": "affected"}, {"version": "0", "lessThan": "6.17", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.80", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.21", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.11", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.12.43", "versionEndExcluding": "6.12.80"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.17", "versionEndExcluding": "6.18.21"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.17", "versionEndExcluding": "6.19.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.17", "versionEndExcluding": "7.0"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.15.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.16.2"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/5e7fde2c551f86e6c3de3fd7a9b1f52806ac8db0"}, {"url": "https://git.kernel.org/stable/c/a1da957c25cf751a2dce8fb7777f82ccbac0cb3e"}, {"url": "https://git.kernel.org/stable/c/b61a309743322fb57fb9afa9aa3495ac758e4f5e"}, {"url": "https://git.kernel.org/stable/c/3a28daa9b7d7c2ddf2c722e9e95d7e0928bf0cd1"}], "title": "LoongArch: Fix missing NULL checks for kstrdup()", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "F7CE6A43-928A-4E74-83AF-3208B2BE7109", "versionEndExcluding": "6.12.80", "versionStartIncluding": "6.12.43", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "53FE35DC-2528-48D7-A855-1127CA02EE4D", "versionEndExcluding": "6.16", "versionStartIncluding": "6.15.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B868A3A9-BFE7-42B2-BEFD-D2CCDCB3827F", "versionEndExcluding": "6.17", "versionStartIncluding": "6.16.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "44CB3599-9974-4F35-B3CC-580CAC6FA38B", "versionEndExcluding": "6.18.21", "versionStartIncluding": "6.17.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4CA2E747-A9EC-4518-9AA2-B4247FC748B7", "versionEndExcluding": "6.19.11", "versionStartIncluding": "6.19", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.17:-:*:*:*:*:*:*", "matchCriteriaId": "7CC8B11D-82DC-4958-8DC7-BF5CC829A5E9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "F253B622-8837-4245-BCE5-A7BF8FC76A16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "F666C8D8-6538-46D4-B318-87610DE64C34", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*", "matchCriteriaId": "02259FDA-961B-47BC-AE7F-93D7EC6E90C2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*", "matchCriteriaId": "58A9FEFF-C040-420D-8F0A-BFDAAA1DF258", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*", "matchCriteriaId": "1D2315C0-D46F-4F85-9754-F9E5E11374A6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*", "matchCriteriaId": "512EE3A8-A590-4501-9A94-5D4B268D6138", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: Fix missing NULL checks for kstrdup()\n\n1. Replace \"of_find_node_by_path(\"/\")\" with \"of_root\" to avoid multiple\ncalls to \"of_node_put()\".\n\n2. Fix a potential kernel oops during early boot when memory allocation\nfails while parsing CPU model from device tree."}], "id": "CVE-2026-31559", "lastModified": "2026-04-27T20:13:21.960", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-04-24T15:16:30.300", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/3a28daa9b7d7c2ddf2c722e9e95d7e0928bf0cd1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5e7fde2c551f86e6c3de3fd7a9b1f52806ac8db0"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a1da957c25cf751a2dce8fb7777f82ccbac0cb3e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b61a309743322fb57fb9afa9aa3495ac758e4f5e"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: LoongArch: Fix missing NULL checks for kstrdup()", "id": "2461517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461517"}, "csaw": false, "cwe": "CWE-476", "details": ["A flaw was found in the Linux kernel. During the system's initial startup, a critical error can occur if memory allocation fails while the system is reading CPU information. This is due to a missing check for empty or invalid data when duplicating strings, which can lead to a system crash, resulting in a Denial of Service (DoS)."], "name": "CVE-2026-31559", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-04-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-31559\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-31559\nhttps://lore.kernel.org/linux-cve-announce/2026042458-CVE-2026-31559-01e9@gregkh/T"]}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[facc69f43502c135c16b97d5ded7253f15597912,5e7fde2c551f86e6c3de3fd7a9b1f52806ac8db0)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[70a2365e18affc5ebdaab1ca6a0b3c4f3aac2ee8,a1da957c25cf751a2dce8fb7777f82ccbac0cb3e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[70a2365e18affc5ebdaab1ca6a0b3c4f3aac2ee8,b61a309743322fb57fb9afa9aa3495ac758e4f5e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[70a2365e18affc5ebdaab1ca6a0b3c4f3aac2ee8,3a28daa9b7d7c2ddf2c722e9e95d7e0928bf0cd1)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "620805dc674eab3055543496a7ef25beb9ffd2a8"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "8dfeedf9eceadc1a2fc9066b4c5230690d1cad48"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "6.17"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,6.17)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.12.80,6.13.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.21,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.19.11,6.20.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[7.0,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "analysis": {"en": {"generated_at": "2026-04-28T20:19:08.842896+00:00", "value": {"mitigation_remediation": ["Upgrade the Linux kernel to a version that contains commit 3a28daa9b7d7c2ddf2c722e9e95d7e0928bf0cd1, which adds NULL checks to kstrdup() during early boot.", "If an immediate kernel upgrade is not feasible, manually apply the patch from the commit to your current kernel source and rebuild the kernel, ensuring the NULL check is present before rebooting.", "Review custom or third\u2011party drivers that call kstrdup() during boot and patch or disable them until the kernel fix is applied."], "summary": {"action": "Apply Patch", "impact": "Denial of Service (kernel crash)"}, "threat_synthesis": {"affected_systems": "Affected systems include all Linux kernel releases prior to the fix, namely versions up to 6.17 and the 7.0 release candidates rc1 through rc7. Any system running an unpatched kernel and an unmodified or potentially exploitable device tree is susceptible.", "description_and_impact": "The Linux kernel\u2019s early boot routine contains a flaw where a string duplication function (kstrdup()) is called without verifying that the result of a memory allocation is not NULL. If a memory allocation fails while parsing the CPU model from the device tree, the kernel dereferences a NULL pointer, leading to an oops and system crash. The weakness is classified as CWE\u2011476: NULL pointer dereference, which results in a denial\u2011of\u2011service by crashing the kernel during boot.", "risk_and_exploitability": "The vulnerability has a CVSS score of 5.5 and an EPSS score of less than 1\u202f%. It is not listed in CISA\u2019s KEV catalog. The likely attack vector requires local access or the ability to alter the device tree, inferred from the description that the fault occurs during early boot while parsing the device tree. Given the narrow exposure window and low exploitation probability, the overall risk is moderate, but a kernel crash remains a severe outcome."}}}}, "created": "2026-04-27T19:15:11.613822+00:00", "updated": "2026-04-28T20:30:06.176870+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}