CVE-2026-22982

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: mscc: ocelot: Fix crash when adding interface under a lag

Commit 15faa1f67ab4 ("lan966x: Fix crash when adding interface under a lag") fixed a similar issue in the lan966x driver caused by a NULL pointer dereference. The ocelot_set_aggr_pgids() function in the ocelot driver has similar logic and is susceptible to the same crash.

This issue specifically affects the ocelot_vsc7514.c frontend, which leaves unused ports as NULL pointers. The felix_vsc9959.c frontend is unaffected as it uses the DSA framework which registers all ports.

Fix this by checking if the port pointer is valid before accessing it.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux528d3f190c98c8f7d9581f68db4af021696727b2 < 8767f238b0e6c3d0b295ac6dce9fbe6a99bd1b9daffected
LinuxLinux528d3f190c98c8f7d9581f68db4af021696727b2 < b17818307446c5a8d925a39a792261dbfa930041affected
LinuxLinux528d3f190c98c8f7d9581f68db4af021696727b2 < 2985712dc76dfa670eb7fd607c09d4d48e5f5c6eaffected
LinuxLinux528d3f190c98c8f7d9581f68db4af021696727b2 < 03fb1708b7d1e76aecebf767ad059c319845039faffected
LinuxLinux528d3f190c98c8f7d9581f68db4af021696727b2 < f490af47bbee02441e356a1e0b86e3b3dd5120ffaffected
LinuxLinux528d3f190c98c8f7d9581f68db4af021696727b2 < 34f3ff52cb9fa7dbf04f5c734fcc4cb6ed5d1a95affected
LinuxLinux5.12affected
LinuxLinux0 < 5.12unaffected
LinuxLinux5.15.198 <= 5.15.*unaffected
LinuxLinux6.1.161 <= 6.1.*unaffected
LinuxLinux6.6.121 <= 6.6.*unaffected
LinuxLinux6.12.66 <= 6.12.*unaffected
LinuxLinux6.18.6 <= 6.18.*unaffected
LinuxLinux6.19 <= *unaffected

Weaknesses

References