In the Linux kernel, the following vulnerability has been resolved:
PM: EM: Fix NULL pointer dereference when perf domain ID is not found
devenergymodelnlgetperfdomainsdoit() calls emperfdomaingetby_id() but does not check the return value before passing it to __emnlgetpdsize(). When a caller supplies a non-existent perf domain ID, emperfdomaingetby_id() returns NULL, and __emnlgetpdsize() immediately dereferences pd->cpus (struct offset 0x30), causing a NULL pointer dereference.
The sister handler devenergymodelnlgetperftabledoit() already handles this correctly via _emnlgetpdtableid(), which returns NULL and causes the caller to return -EINVAL. Add the same NULL check in the get-perf-domains do handler.
[ rjw: Subject and changelog edits ]
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31744.json",
"cna_assigner": "Linux"
}