CVE-2026-46305 is a vulnerability in Linux Kernel
Published on June 8, 2026
staging: rtl8723bs: os_dep: avoid NULL pointer dereference in rtw_cbuf_alloc
In the Linux kernel, the following vulnerability has been resolved:
staging: rtl8723bs: os_dep: avoid NULL pointer dereference in rtw_cbuf_alloc
The return value of kzalloc_flex() is used without
ensuring that the allocation succeeded, and the
pointer is dereferenced unconditionally.
Guard the access to the allocated structure to
avoid a potential NULL pointer dereference if the
allocation fails.
Products Associated with CVE-2026-46305
Want to know whenever a new CVE is published for Linux Kernel? stack.watch will email you.
Affected Versions
Linux:- Version 980cd426a25747daf8ed25e2a1904b2d26ffbb3d and below 0a5f411becfb7c57aa89827213d31ef23a03d75a is affected.
- Version 980cd426a25747daf8ed25e2a1904b2d26ffbb3d and below bc851db06045a40c18233dd76ef0562d7f8bb6db is affected.
- Version 7.0 is affected.
- Before 7.0 is unaffected.
- Version 7.0.7, <= 7.0.* is unaffected.
- Version 7.1-rc3, <= * is unaffected.