i2c: cp2615: fix serial string NULL-deref at probe

Description

In the Linux kernel, the following vulnerability has been resolved: i2c: cp2615: fix serial string NULL-deref at probe The cp2615 driver uses the USB device serial string as the i2c adapter name but does not make sure that the string exists. Verify that the device has a serial number before accessing it to avoid triggering a NULL-pointer dereference (e.g. with malicious devices).

Affected Products

Vendor	Product	Versions
linux	linux_kernel	4a7695429eade517b07ea72f9ec366130e81a076, 4a7695429eade517b07ea72f9ec366130e81a076, 4a7695429eade517b07ea72f9ec366130e81a076, 4a7695429eade517b07ea72f9ec366130e81a076, 4a7695429eade517b07ea72f9ec366130e81a076, 4a7695429eade517b07ea72f9ec366130e81a076, 4a7695429eade517b07ea72f9ec366130e81a076, 5.13, 6.19.9

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
linux	linux	mitre_affected	90%

References

Related News (3 articles)

Tier A

Microsoft MSRC17h ago

CVE-2026-31549 i2c: cp2615: fix serial string NULL-deref at probe

→ No new info (linked only)

Tier C

VulDB5d ago

CVE-2026-31549 | Linux Kernel up to 6.19.9 i2c null pointer dereference

→ No new info (linked only)

Tier C

Linux Kernel CVEs5d ago

CVE-2026-31549: i2c: cp2615: fix serial string NULL-deref at probe

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

e68c267787778bcdf3d91b06f794faaba7f0d1d14a22af879172336370ae3e81e7f65fb2f69472ee69aece634a7eebafd9a596e5494d52facf6f26ec13ccf9b106bba121728f1625c4375a1bd8f5c5a3a9778298f47036866ea15eeb17242e8a4612580fefe996bcfe50c2dcc6cf65c574285713b722ced7aa79f996eb41e95aed85a1bd7f56bcd6a384200805.15.2036.1.1676.6.1306.12.786.18.206.19.107.0

PublishedApr 24, 2026

Last enriched5d agov3

Trending Score59

Source articles3

Independent3

Info Completeness7/14

Missing: cvss, epss, cwe, kev, exploit, iocs, mitre_attack