CVE-2026-45978

MEDIUM EPSS 2.4%
Published May 27, 20261mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published May 27, 2026 1mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: staging: greybus: lights: avoid NULL deref gb_lights_light_config() stores channel_count before allocating the channels array. If kcalloc() fails, gb_lights_release() iterates the non-zero count and dereferences light->channels, which is NULL. Allocate channels first and only then publish channels_count so the cleanup path can't walk a NULL pointer.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 7

VendorProductVersionRange
linuxlinux_kernel*≥4.9  –  <5.10.252
linuxlinux_kernel*≥5.11  –  <5.15.202
linuxlinux_kernel*≥5.16  –  <6.1.165
linuxlinux_kernel*≥6.2  –  <6.6.128
linuxlinux_kernel*≥6.7  –  <6.12.75
linuxlinux_kernel*≥6.13  –  <6.18.14
linuxlinux_kernel*≥6.19  –  <6.19.4

References 8

  • git.kernel.org https://git.kernel.org/stable/c/01b91cb3e748032fd96bbe0043812b426a52f091
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/06162d85f830582da6e9e5fcf9c9504d6da9ae0b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3cbe694d235d96f628ec7dc6ae4d8bdddb768699
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/65f2c608096d766540953d9b170d216aa3b5eb95
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a118724d7641b832fa14323e2733e28ae4834552
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ba5022162da63059bae36c4fd84d7031f582c71f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/da46264a7016034a5bbbad034c012ef218b7d0af
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/efcffd9a6ad8d190651498d5eda53bfc7cf683a7
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/01b91cb3e748032fd96bbe0043812b426a52f091
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/06162d85f830582da6e9e5fcf9c9504d6da9ae0b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3cbe694d235d96f628ec7dc6ae4d8bdddb768699
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/65f2c608096d766540953d9b170d216aa3b5eb95
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a118724d7641b832fa14323e2733e28ae4834552
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ba5022162da63059bae36c4fd84d7031f582c71f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/da46264a7016034a5bbbad034c012ef218b7d0af
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/efcffd9a6ad8d190651498d5eda53bfc7cf683a7
    Patch