A flaw was found in the Linux kernel's cp2615 driver. A malicious device can exploit this vulnerability by not providing a USB device serial string. This improper handling of the serial string during the i2c adapter name assignment can trigger a NULL-pointer dereference, leading to a system crash and resulting in a Denial of Service (DoS).

Red Hat Enterprise Linux 10 Not affected kernel Red Hat Enterprise Linux 6 Not affected kernel Red Hat Enterprise Linux 7 Not affected kernel Red Hat Enterprise Linux 7 Not affected kernel-rt Red Hat Enterprise Linux 8 Not affected kernel Red Hat Enterprise Linux 8 Not affected kernel-rt Red Hat Enterprise Linux 9 Not affected kernel Red Hat Enterprise Linux 9 Not affected kernel-rt https://www.cve.org/CVERecord?id=CVE-2026-31549 https://nvd.nist.gov/vuln/detail/CVE-2026-31549 https://lore.kernel.org/linux-cve-announce/2026042426-CVE-2026-31549-81f8@gregkh/T