CVE-2026-31744

Published: Mag 01, 2026 Last Modified: Mag 01, 2026

ExploitDB:

Other exploit source:

Google Dorks:

Description

AI Translation Available

In the Linux kernel, the following vulnerability has been resolved:

PM: EM: Fix NULL pointer dereference when perf domain ID is not found

dev_energymodel_nl_get_perf_domains_doit() calls
em_perf_domain_get_by_id() but does not check the return value before
passing it to __em_nl_get_pd_size(). When a caller supplies a
non-existent perf domain ID, em_perf_domain_get_by_id() returns NULL,
and __em_nl_get_pd_size() immediately dereferences pd->cpus
(struct offset 0x30), causing a NULL pointer dereference.

The sister handler dev_energymodel_nl_get_perf_table_doit() already
handles this correctly via __em_nl_get_pd_table_id(), which returns
NULL and causes the caller to return -EINVAL. Add the same NULL check
in the get-perf-domains do handler.

[ rjw: Subject and changelog edits ]

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0002

Percentile

0,0th

Updated

EPSS Score Trend (Last 2 Days)

https://git.kernel.org/stable/c/9badc2a84e688be1275bb740942…

https://git.kernel.org/stable/c/9badc2a84e688be1275bb740942d5f6f51746908

https://git.kernel.org/stable/c/ab09b9a1e3b02ff62c5aebe3b12…

https://git.kernel.org/stable/c/ab09b9a1e3b02ff62c5aebe3b12b0cb4cb4ea8ab

CVE-2026-31744

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 2 Days)

Iscriviti alla newsletter