CVE-2026-31737

net: ftgmac100: fix ring allocation unwind on open failure

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: net: ftgmac100: fix ring allocation unwind on open failure ftgmac100_alloc_rings() allocates rx_skbs, tx_skbs, rxdes, txdes, and
rx_scratch in stages. On intermediate failures it returned -ENOMEM
directly, leaking resources allocated earlier in the function. Rework the failure path to use staged local unwind labels and free
allocated resources in reverse order before returning -ENOMEM. This
matches common netdev allocation cleanup style.

*Credits: N/A

CVSS Scores

NISTv3.1 5.5

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2026-03-09 CVE Reserved
2026-05-01 CVE Published
2026-05-08 EPSS Updated
2026-05-11 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (9)

URL	Tag	Source
https://git.kernel.org/stable/c/d72e01a0430f8a1ae7adb3cbf0b2e73fcd99252e	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/184b3a500d60ea48d1b176103cff1706c456edf3	2026-04-18
https://git.kernel.org/stable/c/78da43320d9d6ed788147fb085184e4fc801f057	2026-04-18
https://git.kernel.org/stable/c/a7e1bf392acf11dc4209820fef75758f6e42bd65	2026-04-11
https://git.kernel.org/stable/c/8a71911fc7eeea930153322bc1efc065db8cd97e	2026-04-11
https://git.kernel.org/stable/c/d45230081f19c280096241353c26b0de457de795	2026-04-11
https://git.kernel.org/stable/c/8351d18989c8642fc53e2e12d94e42314a39b078	2026-04-11
https://git.kernel.org/stable/c/82f86111f0704ab2ded11a2033bc6cf0be3e09ea	2026-04-11
https://git.kernel.org/stable/c/c0fd0fe745f5e8c568d898cd1513d0083e46204a	2026-04-01

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.12 < 5.10.253 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 5.10.253"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.12 < 5.15.203 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 5.15.203"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.12 < 6.1.168 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 6.1.168"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.12 < 6.6.134 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 6.6.134"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.12 < 6.12.81 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 6.12.81"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.12 < 6.18.22 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 6.18.22"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.12 < 6.19.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 6.19.12"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.12 < 7.0 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 7.0"		en		Affected