CVE-2026-22982 PUBLISHED

net: mscc: ocelot: Fix crash when adding interface under a lag

Assigner: Linux
Reserved: 13.01.2026 Published: 23.01.2026 Updated: 23.01.2026

In the Linux kernel, the following vulnerability has been resolved:

net: mscc: ocelot: Fix crash when adding interface under a lag

Commit 15faa1f67ab4 ("lan966x: Fix crash when adding interface under a lag") fixed a similar issue in the lan966x driver caused by a NULL pointer dereference. The ocelot_set_aggr_pgids() function in the ocelot driver has similar logic and is susceptible to the same crash.

This issue specifically affects the ocelot_vsc7514.c frontend, which leaves unused ports as NULL pointers. The felix_vsc9959.c frontend is unaffected as it uses the DSA framework which registers all ports.

Fix this by checking if the port pointer is valid before accessing it.

Product Status

Vendor Linux
Product Linux
Versions Default: unaffected
  • affected from 528d3f190c98c8f7d9581f68db4af021696727b2 to 8767f238b0e6c3d0b295ac6dce9fbe6a99bd1b9d (excl.)
  • affected from 528d3f190c98c8f7d9581f68db4af021696727b2 to b17818307446c5a8d925a39a792261dbfa930041 (excl.)
  • affected from 528d3f190c98c8f7d9581f68db4af021696727b2 to 2985712dc76dfa670eb7fd607c09d4d48e5f5c6e (excl.)
  • affected from 528d3f190c98c8f7d9581f68db4af021696727b2 to 03fb1708b7d1e76aecebf767ad059c319845039f (excl.)
  • affected from 528d3f190c98c8f7d9581f68db4af021696727b2 to f490af47bbee02441e356a1e0b86e3b3dd5120ff (excl.)
  • affected from 528d3f190c98c8f7d9581f68db4af021696727b2 to 34f3ff52cb9fa7dbf04f5c734fcc4cb6ed5d1a95 (excl.)
Vendor Linux
Product Linux
Versions Default: affected
  • Version 5.12 is affected
  • unaffected from 0 to 5.12 (excl.)
  • unaffected from 5.15.198 to 5.15.* (incl.)
  • unaffected from 6.1.161 to 6.1.* (incl.)
  • unaffected from 6.6.121 to 6.6.* (incl.)
  • unaffected from 6.12.66 to 6.12.* (incl.)
  • unaffected from 6.18.6 to 6.18.* (incl.)
  • unaffected from 6.19-rc5 to * (incl.)

References