CVE-2026-45978
Published: May 27, 2026
Modified: May 27, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: staging: greybus: lights: avoid NULL deref gb_lights_light_config() stores channel_count before allocating the channels array. If kcalloc() fails, gb_lights_release() iterates the non-zero count and dereferences light->channels, which is NULL. Allocate channels first and only then publish channels_count so the cleanup path can't walk a NULL pointer.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 2870b52bae4c81823ffcb3ed2b0626fb39d64f48 - < a118724d7641b832fa14323e2733e28ae4834552affected 2870b52bae4c81823ffcb3ed2b0626fb39d64f48 - < 3cbe694d235d96f628ec7dc6ae4d8bdddb768699affected 2870b52bae4c81823ffcb3ed2b0626fb39d64f48 - < ba5022162da63059bae36c4fd84d7031f582c71faffected 2870b52bae4c81823ffcb3ed2b0626fb39d64f48 - < 65f2c608096d766540953d9b170d216aa3b5eb95affected 2870b52bae4c81823ffcb3ed2b0626fb39d64f48 - < 01b91cb3e748032fd96bbe0043812b426a52f091+3 more versions |
Linux | Linux | affected 4.9unaffected 0 - < 4.9unaffected 5.10.252 - <= 5.10.*unaffected 5.15.202 - <= 5.15.*unaffected 6.1.165 - <= 6.1.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now