CVE-2026-31736 Common Vulnerabilities and Exposures

Upstream information

CVE-2026-31736 at MITRE

Description

In the Linux kernel, the following vulnerability has been resolved:

net: ethernet: mtk_ppe: avoid NULL deref when gmac0 is disabled

If the gmac0 is disabled, the precheck for a valid ingress device will
cause a NULL pointer deref and crash the system. This happens because
eth->netdev[0] will be NULL but the code will directly try to access
netdev_ops.

Instead of just checking for the first net_device, it must be checked if
any of the mtk_eth net_devices is matching the netdev_ops of the ingress
device.

SUSE information

Overall state of this security issue: Does not affect SUSE products

SUSE Bugzilla entry: 1263908 [NEW]

No SUSE Security Announcements cross referenced.

SUSE Timeline for this CVE

CVE page created: Mon May 4 17:21:47 2026
CVE page last modified: Mon May 4 17:21:47 2026