CVE-2026-31744

UNKNOWN 0.0

PM: EM: Fix NULL pointer dereference when perf domain ID is not found

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: PM: EM: Fix NULL pointer dereference when perf domain ID is not found dev_energymodel_nl_get_perf_domains_doit() calls em_perf_domain_get_by_id() but does not check the return value before passing it to __em_nl_get_pd_size(). When a caller supplies a non-existent perf domain ID, em_perf_domain_get_by_id() returns NULL, and __em_nl_get_pd_size() immediately dereferences pd->cpus (struct offset 0x30), causing a NULL pointer dereference. The sister handler dev_energymodel_nl_get_perf_table_doit() already handles this correctly via __em_nl_get_pd_table_id(), which returns NULL and causes the caller to return -EINVAL. Add the same NULL check in the get-perf-domains do handler. [ rjw: Subject and changelog edits ]

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	May 1, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

380ff27af25e49e2cb2ff8fd0ecd7c95be2976ee < ab09b9a1e3b02ff62c5aebe3b12b0cb4cb4ea8ab 380ff27af25e49e2cb2ff8fd0ecd7c95be2976ee < 9badc2a84e688be1275bb740942d5f6f51746908

Linux / Linux

6.19

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/ab09b9a1e3b02ff62c5aebe3b12b0cb4cb4ea8ab git.kernel.org: https://git.kernel.org/stable/c/9badc2a84e688be1275bb740942d5f6f51746908