CVE Catalog

CVE-2026-45969

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile - higher than 2% of all known CVEs

Summary

A vulnerability has been identified in the Linux kernel within the ps_gamepad_create() function, which calls input_ff_create_memless() without verifying its return value. This can lead to incorrect behavior or potential crashes when FF effects are triggered.

Risk Assessment

The lack of return value verification may result in system instability or crashes, affecting the availability of services utilizing PlayStation controllers.

Recommendation

It is recommended to update the Linux kernel to a version where the return value check for input_ff_create_memless() has been added.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: HID: playstation: Add missing check for input_ff_create_memless The ps_gamepad_create() function calls input_ff_create_memless() without verifying its return value, which can lead to incorrect behavior or potential crashes when FF effects are triggered. Add a check for the return value of input_ff_create_memless().

Vulnerability data from NVD (NIST) · CISA KEV · EPSS