CVE-2026-31660

UNKNOWN 0.0

nfc: pn533: allocate rx skb before consuming bytes

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: allocate rx skb before consuming bytes pn532_receive_buf() reports the number of accepted bytes to the serdev core. The current code consumes bytes into recv_skb and may already hand a complete frame to pn533_recv_frame() before allocating a fresh receive buffer. If that alloc_skb() fails, the callback returns 0 even though it has already consumed bytes, and it leaves recv_skb as NULL for the next receive callback. That breaks the receive_buf() accounting contract and can also lead to a NULL dereference on the next skb_put_u8(). Allocate the receive skb lazily before consuming the next byte instead. If allocation fails, return the number of bytes already accepted.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Apr 24, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

c656aa4c27b17a8c70da223ed5ab42145800d6b5 < 2ca64fb7e2d2ae14619dd204d4f2f0a601f421fb c656aa4c27b17a8c70da223ed5ab42145800d6b5 < 8b71299d587d9e4c830c18afb884c80ddb30ad28 c656aa4c27b17a8c70da223ed5ab42145800d6b5 < 16649adc2e19509104245ea1f349b629d858f11f c656aa4c27b17a8c70da223ed5ab42145800d6b5 < 07cb6c72e66ba548679f22ac29ad588da8999279 c656aa4c27b17a8c70da223ed5ab42145800d6b5 < a9495069b43b8634c1ae0042e888766c34f66637 c656aa4c27b17a8c70da223ed5ab42145800d6b5 < 21ae2cda66a55c759607bbf1d23cbaa42019d2de c656aa4c27b17a8c70da223ed5ab42145800d6b5 < 7e37da42eda45d7859d9273fc7e225d8df458038 c656aa4c27b17a8c70da223ed5ab42145800d6b5 < c71ba669b570c7b3f86ec875be222ea11dacb352

Linux / Linux

5.5

References

NVD ↗ CVE.org ↗ EPSS Data ↗