CVE-2026-22982 — NULL Pointer Dereference in Linux
Severity
5.5MEDIUMNVD
OSV7.8
EPSS
0.0%
top 95.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 23
Latest updateApr 13
Description
In the Linux kernel, the following vulnerability has been resolved:
net: mscc: ocelot: Fix crash when adding interface under a lag
Commit 15faa1f67ab4 ("lan966x: Fix crash when adding interface under a lag")
fixed a similar issue in the lan966x driver caused by a NULL pointer dereference.
The ocelot_set_aggr_pgids() function in the ocelot driver has similar logic
and is susceptible to the same crash.
This issue specifically affects the ocelot_vsc7514.c frontend, which leaves
unused ports as N…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages6 packages
▶CVEListV5linux/linux528d3f190c98c8f7d9581f68db4af021696727b2 — 8767f238b0e6c3d0b295ac6dce9fbe6a99bd1b9d+6
Patches
🔴Vulnerability Details
9OSV▶
linux-aws-5.15, linux-gcp-5.15, linux-gke, linux-hwe-5.15, linux-intel-iotg-5.15, linux-lowlatency-hwe-5.15, linux-oracle-5.15 vulnerabilities↗2026-03-17