CVE-2026-31660

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the NFC PN533 component where the pn532 receive buf() function may fail to allocate a fresh receive buffer before consuming bytes. If the alloc skb() function fails, the callback returns 0 despite having already consumed bytes, leaving the recv skb variable as NULL. This behavior violates the receive buffer accounting contract and can lead to a NULL pointer dereference during the subsequent skb put u8() operation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.