{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-46305","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2026-05-13T15:03:33.111Z","datePublished":"2026-06-08T15:46:32.831Z","dateUpdated":"2026-06-14T18:07:55.303Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-06-14T18:07:55.303Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8723bs: os_dep: avoid NULL pointer dereference in rtw_cbuf_alloc\n\nThe return value of kzalloc_flex() is used without\nensuring that the allocation succeeded, and the\npointer is dereferenced unconditionally.\n\nGuard the access to the allocated structure to\navoid a potential NULL pointer dereference if the\nallocation fails."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/staging/rtl8723bs/os_dep/osdep_service.c"],"versions":[{"version":"980cd426a25747daf8ed25e2a1904b2d26ffbb3d","lessThan":"0a5f411becfb7c57aa89827213d31ef23a03d75a","status":"affected","versionType":"git"},{"version":"980cd426a25747daf8ed25e2a1904b2d26ffbb3d","lessThan":"bc851db06045a40c18233dd76ef0562d7f8bb6db","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/staging/rtl8723bs/os_dep/osdep_service.c"],"versions":[{"version":"7.0","status":"affected"},{"version":"0","lessThan":"7.0","status":"unaffected","versionType":"semver"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","status":"unaffected","versionType":"semver"},{"version":"7.1","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0","versionEndExcluding":"7.0.7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0","versionEndExcluding":"7.1"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0a5f411becfb7c57aa89827213d31ef23a03d75a"},{"url":"https://git.kernel.org/stable/c/bc851db06045a40c18233dd76ef0562d7f8bb6db"}],"title":"staging: rtl8723bs: os_dep: avoid NULL pointer dereference in rtw_cbuf_alloc","x_generator":{"engine":"bippy-1.2.0"}}}}