SUSE CVE-2026-45978

In the Linux kernel, the following vulnerability has been resolved: staging: greybus: lights: avoid NULL deref gblightslightconfig stores channelcount before allocating the channels array. If kcalloc fails, gblightsrelease iterates the non-zero count and dereferences light-channels, which is NULL...

CVE-2026-45978

A flaw was found in the Linux kernel's Greybus Lights subsystem. This vulnerability occurs when the gblightslightconfig function attempts to store a channel count before successfully allocating the corresponding channels array. If the memory allocation fails, a subsequent cleanup operation can tr...

EUVD-2026-32262

In the Linux kernel, the following vulnerability has been resolved: staging: greybus: lights: avoid NULL deref gblightslightconfig stores channelcount before allocating the channels array. If kcalloc fails, gblightsrelease iterates the non-zero count and dereferences light-channels, which is NULL...

CVE-2026-45978

In the Linux kernel, the following vulnerability has been resolved: staging: greybus: lights: avoid NULL deref gblightslightconfig stores channelcount before allocating the channels array. If kcalloc fails, gblightsrelease iterates the non-zero count and dereferences light-channels, which is NULL...

UBUNTU-CVE-2026-45978

In the Linux kernel, the following vulnerability has been resolved: staging: greybus: lights: avoid NULL deref gblightslightconfig stores channelcount before allocating the channels array. If kcalloc fails, gblightsrelease iterates the non-zero count and dereferences light-channels, which is NULL...

CVE-2026-45978 staging: greybus: lights: avoid NULL deref

In the Linux kernel, the following vulnerability has been resolved: staging: greybus: lights: avoid NULL deref gblightslightconfig stores channelcount before allocating the channels array. If kcalloc fails, gblightsrelease iterates the non-zero count and dereferences light-channels, which is NULL...

CVE-2026-45978

In the Linux kernel, the following vulnerability has been resolved: staging: greybus: lights: avoid NULL deref gblightslightconfig stores channelcount before allocating the channels array. If kcalloc fails, gblightsrelease iterates the non-zero count and dereferences light-channels, which is NULL...

CVE-2026-45978

The CVE-2026-45978 issue affects the Linux kernel (staging/greybus: lights) where gb_lights_light_config() stores channel_count before allocating the channels array. If kcalloc() fails, gb_lights_release() iterates the non-zero count and dereferences light->channels, which can be NULL. The fix...

PT-2026-43845

In the Linux kernel, the following vulnerability has been resolved: staging: greybus: lights: avoid NULL deref gb lights light config stores channel count before allocating the channels array. If kcalloc fails, gb lights release iterates the non-zero count and dereferences light-channels, which i...

CVE-2026-45978

staging: greybus: lights: avoid NULL deref...

Linux Distros Unpatched Vulnerability : CVE-2026-45978

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - staging: greybus: lights: avoid NULL deref gblightslightconfig stores channelcount before allocating the channels array. If kcalloc fails, gblightsrelease...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: greybus: lights: check return of getchannelfrommode If channel for the given node is not found we return null from getchannelfrommode. Make sure we validate the return pointer before using it in two of the missing places. This wa...

EUVD-2026-15588

Deserialization of Untrusted Data vulnerability in NooTheme CitiLights noo-citilights allows Object Injection.This issue affects CitiLights: from n/a through = 3.7.1...

CVE-2026-25367

Missing Authorization vulnerability in NooTheme CitiLights noo-citilights allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CitiLights: from n/a through 3.7.2...

Dozens of ICE Vehicles in Minnesota Lack ‘Necessary’ Lights and Sirens

A contract justification published in a federal register on Tuesday says that 31 ICE vehicles operating in the Twin Cities area “lack the necessary emergency lights and sirens” to be “compliant.”...

CVE-2022-23701

A potential remote host header injection security vulnerability has been identified in HPE Integrated Lights-Out 4 iLO 4 firmware versions: Prior to 2.60. This vulnerability could be remotely exploited to allow an attacker to supply invalid input to the iLO 4 webserver, causing it to respond with...

CVE-2022-23704

A potential security vulnerability has been identified in Integrated Lights-Out 4 iLO 4. The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 iLO 4 2.80 and later...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993178)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993178 advisory. In the Linux kernel, the following vulnerability has been resolved: greybus: lights: check return of getchannelfrommode If channel for the given node is not found we...

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: My coauthor Nathan E. Sanders and I are speaking at the Rayburn House Office Building in Washington, DC at noon ET on November 17, 2025. The event is hosted by the POPVOX Foundation and the topic is “AI and Congress: Practical Step...

HP Integrated Lights-Out Improper Input Validation (CVE-2022-28638)

An isolated local disclosure of information and potential isolated local arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated Lights-Out 5 iLO 5 in Version: 2.71. Hewlett Packard Enterprise h...