CVE-2026-31549

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The cp2615 driver uses the USB device serial string as the i2c adapter name without verifying that the string exists. This can lead to a NULL-pointer dereference, which occurs when the software attempts to read from a memory address that is null, potentially causing a system crash, especially when interacting with malicious devices.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.