CVE-2026-45978

In the Linux kernel, the following vulnerability has been resolved:

staging: greybus: lights: avoid NULL deref

gb_lights_light_config() stores channel_count before allocating the
channels array. If kcalloc() fails, gb_lights_release() iterates the
non-zero count and dereferences light->channels, which is NULL.

Allocate channels first and only then publish channels_count so the
cleanup path can’t walk a NULL pointer.

More information : https://git.kernel.org/stable/c/01b91cb3e748032fd96bbe0043812b426a52f091