CVE-2026-45978

medium Red Hat
Published: May 27, 2026 (44 days ago)
Last Modified: May 27, 2026
Vendor: Red Hat
Source: REDHAT

Description

A flaw was found in the Linux kernel's Greybus Lights subsystem. This vulnerability occurs when the `gb_lights_light_config()` function attempts to store a channel count before successfully allocating the corresponding channels array. If the memory allocation fails, a subsequent cleanup operation can try to access a non-existent memory location, leading to a null pointer dereference. This can result in a system crash, causing a Denial of Service (DoS) for affected systems.

CWE

CWE-476

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9

References