CVE-2026-31552

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in the wifi wlcore component where the wl1271 tx allocate() and wl1271 prepare tx frame() functions return -EAGAIN when pskb expand head() fails due to insufficient headroom. The wlcore tx work locked() function interprets this -EAGAIN return value as a full aggregation buffer, leading it to flush the buffer and immediately retry the same socket buffer (skb) in a tight loop. Because this process occurs while holding wl->mutex and uses GFP ATOMIC for retries, it results in an infinite loop and a CPU soft lockup.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.