Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kobject warnings for empty attribute names The hp-bioscfg driver attempts to register kobjects with empty names when the HP BIOS returns attributes with empty name strings. This causes multiple kernel warnings: kobject: (00000000135fb5e6): attempted to be registered with empty name! WARNING: CPU: 14 PID: 3336 at lib/kobject.c:219 kobject_add_internal+0x2eb/0x310 Add validation in hp_init_bios_buffer_attribute() to check if the attribute name is empty after parsing it from the WMI buffer. If empty, log a debug message and skip registration of that attribute, allowing the module to continue processing other valid attributes.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 6.6, < 6.6.122 |
References
- https://git.kernel.org/stable/c/29917c80aa96a25cbcf5876fd774a1cfd72b01a9Patch
- https://git.kernel.org/stable/c/6476be59b7162b891b7bddbd0c2924d87379ef6cPatch
- https://git.kernel.org/stable/c/800b2767905d6b409b8bbe357121970f0b489a89Patch
- https://git.kernel.org/stable/c/fdee1b09721605f532352628d0a24623e7062efbPatch
FAQ
What is CVE-2026-23131?
CVE-2026-23131 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kobject warnings for empty attribute names The hp-bioscfg driver attempts to register kobjects with ...
How severe is CVE-2026-23131?
CVE-2026-23131 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-23131?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.