CVE-2026-46305

Summary

In the Linux kernel, the following vulnerability has been resolved:

staging: rtl8723bs: os_dep: avoid NULL pointer dereference in rtw_cbuf_alloc

The return value of kzalloc_flex() is used without ensuring that the allocation succeeded, and the pointer is dereferenced unconditionally.

Guard the access to the allocated structure to avoid a potential NULL pointer dereference if the allocation fails.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux980cd426a25747daf8ed25e2a1904b2d26ffbb3d < 0a5f411becfb7c57aa89827213d31ef23a03d75aaffected
LinuxLinux980cd426a25747daf8ed25e2a1904b2d26ffbb3d < bc851db06045a40c18233dd76ef0562d7f8bb6dbaffected
LinuxLinux7.0affected
LinuxLinux0 < 7.0unaffected
LinuxLinux7.0.7 <= 7.0.*unaffected
LinuxLinux7.1 <= *unaffected

Weaknesses

References