CVE-2026-43123
Awaiting Analysis Awaiting Analysis - Queue

Null Pointer Dereference in Linux Kernel Framebuffer Console

Vulnerability report for CVE-2026-43123, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-05-06

Last updated on: 2026-05-06

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: fbcon: check return value of con2fb_acquire_newinfo() If fbcon_open() fails when called from con2fb_acquire_newinfo() then info->fbcon_par pointer remains NULL which is later dereferenced. Add check for return value of the function con2fb_acquire_newinfo() to avoid it. Found by Linux Verification Center (linuxtesting.org) with SVACE.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-05-06
Last Modified
2026-05-06
Generated
2026-07-06
AI Q&A
2026-05-06
EPSS Evaluated
2026-07-04
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's framebuffer console (fbcon) component. Specifically, when the function fbcon_open() fails during a call from con2fb_acquire_newinfo(), a pointer named fbcon_par remains NULL. Later in the code, this NULL pointer is dereferenced, which can lead to undefined behavior or a system crash. The issue is fixed by adding a check for the return value of con2fb_acquire_newinfo() to prevent dereferencing a NULL pointer.

Impact Analysis

The impact of this vulnerability is that it can cause the Linux kernel to dereference a NULL pointer, potentially leading to a system crash or instability. This could result in denial of service (DoS) conditions where the affected system becomes unresponsive or requires a reboot.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-43123. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart