CVE-2026-31744

Published: May 1, 2026

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: PM: EM: Fix NULL pointer dereference when perf domain ID is not found dev_energymodel_nl_get_perf_domains_doit() calls em_perf_domain_get_by_id() but does not check the return value before passing it to __em_nl_get_pd_size(). When a caller supplies a non-existent perf domain ID, em_perf_domain_get_by_id() returns NULL, and __em_nl_get_pd_size() immediately dereferences pd->cpus (struct offset 0x30), causing a NULL pointer dereference. The sister handler dev_energymodel_nl_get_perf_table_doit() already handles this correctly via __em_nl_get_pd_table_id(), which returns NULL and causes the caller to return -EINVAL. Add the same NULL check in the get-perf-domains do handler. [ rjw: Subject and changelog edits ]

Vendor	Product	Versions
Linux	Linux	affected `380ff27af25e49e2cb2ff8fd0ecd7c95be2976ee - < ab09b9a1e3b02ff62c5aebe3b12b0cb4cb4ea8ab` affected `380ff27af25e49e2cb2ff8fd0ecd7c95be2976ee - < 9badc2a84e688be1275bb740942d5f6f51746908`
Linux	Linux	affected `6.19` unaffected `0 - < 6.19` unaffected `6.19.12 - <= 6.19.` unaffected `7.0 - <= `

References

https://git.kernel.org/stable/c/ab09b9a1e3b02ff62c5aebe3b12b0cb4cb4ea8ab

https://git.kernel.org/stable/c/9badc2a84e688be1275bb740942d5f6f51746908

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-31744

Description

Affected Products

References