In the Linux kernel, the following vulnerability has been resolved:

fbcon: check return value of con2fb_acquire_newinfo()

If fbcon_open() fails when called from con2fb_acquire_newinfo() then
info->fbcon_par pointer remains NULL which is later dereferenced.

Add check for return value of the function con2fb_acquire_newinfo() to
avoid it.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Project Subscriptions

Vendors Products
Linux Kernel Subscribe
Advisories
Source ID Title
Ubuntu USN Ubuntu USN USN-8492-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-8492-2 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-8497-1 Linux kernel (Low Latency) vulnerabilities
Ubuntu USN Ubuntu USN USN-8498-1 Linux kernel (NVIDIA Tegra) vulnerabilities
Ubuntu USN Ubuntu USN USN-8499-1 Linux kernel (Xilinx) vulnerabilities
Ubuntu USN Ubuntu USN USN-8492-3 Linux kernel (Raspberry Pi Real-time) vulnerabilities
Ubuntu USN Ubuntu USN USN-8492-4 Linux kernel (Raspberry Pi) vulnerabilities
Ubuntu USN Ubuntu USN USN-8492-5 Linux kernel (FIPS) vulnerabilities
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Tue, 12 May 2026 21:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Thu, 07 May 2026 03:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Thu, 07 May 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-252
References
Metrics threat_severity

None

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Low


Wed, 06 May 2026 13:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Wed, 06 May 2026 12:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: fbcon: check return value of con2fb_acquire_newinfo() If fbcon_open() fails when called from con2fb_acquire_newinfo() then info->fbcon_par pointer remains NULL which is later dereferenced. Add check for return value of the function con2fb_acquire_newinfo() to avoid it. Found by Linux Verification Center (linuxtesting.org) with SVACE.
Title fbcon: check return value of con2fb_acquire_newinfo()
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-11T22:18:12.071Z

Reserved: 2026-05-01T14:12:55.987Z

Link: CVE-2026-43123

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2026-05-06T12:16:29.180

Modified: 2026-06-17T10:48:58.733

Link: CVE-2026-43123

cve-icon Redhat

Severity : Low

Publid Date: 2026-05-06T00:00:00Z

Links: CVE-2026-43123 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-13T00:45:26Z

Weaknesses