CVE-2026-31559 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix missing NULL checks for kstrdup() 1. Replace "of_find_node_by_path("/")" with "of_root" to avoid multiple calls to "of_node_put()". 2. Fix a potential kernel oops during early boot when memory allocation fails while parsing CPU model from device tree.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/3a28daa9b7d7c2ddf2c722e9e95d7e0928bf0cd1
https://git.kernel.org/stable/c/5e7fde2c551f86e6c3de3fd7a9b1f52806ac8db0
https://git.kernel.org/stable/c/a1da957c25cf751a2dce8fb7777f82ccbac0cb3e
https://git.kernel.org/stable/c/b61a309743322fb57fb9afa9aa3495ac758e4f5e

History

Fri, 24 Apr 2026 15:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix missing NULL checks for kstrdup() 1. Replace "of_find_node_by_path("/")" with "of_root" to avoid multiple calls to "of_node_put()". 2. Fix a potential kernel oops during early boot when memory allocation fails while parsing CPU model from device tree.
Title		LoongArch: Fix missing NULL checks for kstrdup()
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/3a28daa9b7d7c2ddf2c722e9e95d7e0928bf0cd1 https://git.kernel.org/stable/c/5e7fde2c551f86e6c3de3fd7a9b1f52806ac8db0 https://git.kernel.org/stable/c/a1da957c25cf751a2dce8fb7777f82ccbac0cb3e https://git.kernel.org/stable/c/b61a309743322fb57fb9afa9aa3495ac758e4f5e

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-04-24T14:35:41.961Z

Updated: 2026-04-24T14:35:41.961Z

Reserved: 2026-03-09T15:48:24.116Z

Link: CVE-2026-31559

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-04-24T15:16:30.300

Modified: 2026-04-24T17:51:40.810

Link: CVE-2026-31559

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-31559", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-03-09T15:48:24.116Z", "datePublished": "2026-04-24T14:35:41.961Z", "dateUpdated": "2026-04-24T14:35:41.961Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-04-24T14:35:41.961Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: Fix missing NULL checks for kstrdup()\n\n1. Replace \"of_find_node_by_path(\"/\")\" with \"of_root\" to avoid multiple\ncalls to \"of_node_put()\".\n\n2. Fix a potential kernel oops during early boot when memory allocation\nfails while parsing CPU model from device tree."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/loongarch/kernel/env.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "5e7fde2c551f86e6c3de3fd7a9b1f52806ac8db0", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "a1da957c25cf751a2dce8fb7777f82ccbac0cb3e", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "b61a309743322fb57fb9afa9aa3495ac758e4f5e", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "3a28daa9b7d7c2ddf2c722e9e95d7e0928bf0cd1", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/loongarch/kernel/env.c"], "versions": [{"version": "6.12.80", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.21", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.11", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.12.80"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.18.21"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.19.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/5e7fde2c551f86e6c3de3fd7a9b1f52806ac8db0"}, {"url": "https://git.kernel.org/stable/c/a1da957c25cf751a2dce8fb7777f82ccbac0cb3e"}, {"url": "https://git.kernel.org/stable/c/b61a309743322fb57fb9afa9aa3495ac758e4f5e"}, {"url": "https://git.kernel.org/stable/c/3a28daa9b7d7c2ddf2c722e9e95d7e0928bf0cd1"}], "title": "LoongArch: Fix missing NULL checks for kstrdup()", "x_generator": {"engine": "bippy-1.2.0"}}}}