PatchSiren

CVE-2026-45982 Linux CVE debrief

A NULL pointer dereference in the Linux kernel's ACPICA (ACPI Component Architecture) subsystem has been resolved. The flaw was in the acpi_ev_address_space_dispatch() function, where a missed execution path could lead to dereferencing a NULL pointer; the fix adds a new check to cover that previously unhandled path. The function is part of the kernel's ACPI event handling infrastructure, which manages address space operations during ACPI event dispatch. Exploitation could lead to system crashes or denial of service conditions. The fix was applied across multiple stable kernel branches, indicating that several maintained kernel versions were affected.

Vendor: Linux
Product: Unknown
CVSS: Unknown
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-27
Original CVE updated: 2026-05-27
Advisory published: 2026-05-27
Advisory updated: 2026-05-27

Who should care

Linux system administrators, kernel maintainers, and security teams responsible for infrastructure running Linux kernels with ACPI support enabled. Organizations with high-availability requirements for Linux systems should prioritize this patch to prevent potential denial of service via ACPI-triggered kernel crashes.

Technical summary

The vulnerability resides in the ACPICA (ACPI Component Architecture) implementation within the Linux kernel, specifically in the acpi_ev_address_space_dispatch() function. This function handles address space operations during ACPI event dispatch. The flaw was a missed execution path that could result in dereferencing a NULL pointer, potentially causing kernel crashes. The resolution adds a defensive NULL check to cover this execution path. ACPICA is the reference implementation of ACPI used across multiple operating systems; in Linux, it provides the core ACPI interpreter and event handling. The function acpi_ev_address_space_dispatch() is invoked during ACPI event processing when operations need to be dispatched to registered address space handlers. The multiple stable branch commits indicate this fix was backported to several maintained kernel release lines.

Defensive priority

medium

Recommended defensive actions

  • Apply kernel updates from your Linux distribution that include the ACPICA fix for CVE-2026-45982
  • Monitor vendor security advisories for kernel package availability
  • Review system logs for any ACPI-related errors that may indicate trigger attempts
  • Consider disabling ACPI functionality only if not required for system operation, though this is generally impractical for most deployments
  • Prioritize patching on systems where untrusted users can influence ACPI tables or where ACPI debugging is enabled
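
For the log-review action above, one way to pick out the relevant crashes is to scan kernel log text for NULL-dereference oops reports that name acpi_ev_address_space_dispatch(). This is an added example, not code from the advisory or from the kernel project; the sample log is constructed, and the matching assumes the usual kernel oops wording and symbol+offset format.

```python
import re

# Function name taken from the CVE description; oops wording is the usual kernel log format.
TARGET = "acpi_ev_address_space_dispatch"
OOPS_START = re.compile(r"BUG: kernel NULL pointer dereference"
                        r"|Unable to handle kernel NULL pointer dereference")
OOPS_END = re.compile(r"---\[ end trace")
SYMBOL = re.compile(r"\b([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")
FAULT_PC = re.compile(r"\b(?:RIP|pc)\s*:")  # faulting-instruction line (x86 "RIP:", arm64 "pc :")

# Constructed sample kernel log: timestamps, offsets, addresses and some_driver_probe are made up.
SAMPLE_LOG = """\
[   12.100001] ACPI: EC: interrupt blocked
[   12.345678] BUG: kernel NULL pointer dereference, address: 0000000000000010
[   12.345690] #PF: supervisor read access in kernel mode
[   12.345701] Oops: 0000 [#1] PREEMPT SMP NOPTI
[   12.345720] RIP: 0010:acpi_ev_address_space_dispatch+0x1a2/0x3f0
[   12.345740] Call Trace:
[   12.345750]  acpi_ex_access_region+0x5b/0xd0
[   12.345760]  acpi_ex_field_datum_io+0x73/0x2f0
[   12.345780] ---[ end trace 0000000000000000 ]---
[   98.000001] BUG: kernel NULL pointer dereference, address: 0000000000000000
[   98.000010] RIP: 0010:some_driver_probe+0x20/0x90
[   98.000020] ---[ end trace 0000000000000000 ]---
"""

def find_acpi_oopses(lines, target=TARGET, window=60):
    """Return one record per NULL-dereference oops report that names `target`.

    'faulting' means the target is on the RIP/pc line (the crash happened in it);
    'in_trace' means it only appears further down the call trace.
    """
    reports, current = [], None
    for lineno, line in enumerate(lines, 1):
        if OOPS_START.search(line):
            current = {"line": lineno, "faulting": False, "in_trace": False}
            reports.append(current)
        elif current is not None:
            # A report ends at its end-trace marker, or after `window` lines if truncated.
            if OOPS_END.search(line) or lineno - current["line"] > window:
                current = None
            elif target in SYMBOL.findall(line):
                current["faulting" if FAULT_PC.search(line) else "in_trace"] = True
    return [r for r in reports if r["faulting"] or r["in_trace"]]

if __name__ == "__main__":
    for hit in find_acpi_oopses(SAMPLE_LOG.splitlines()):
        role = "faulting function" if hit["faulting"] else "in call trace"
        print(f"log line {hit['line']}: NULL dereference oops, {TARGET} {role}")
```

On a real host, pass the lines of `journalctl -k -b -1` (kernel messages from the previous boot) or saved `dmesg` output instead of the sample.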

Evidence notes

The CVE description confirms this is a NULL pointer dereference fix in acpi_ev_address_space_dispatch() within ACPICA. Multiple git.kernel.org stable branch commits are referenced, indicating coordinated patching across kernel versions. The NVD entry shows 'Awaiting Analysis' status with no CVSS score assigned at time of disclosure.
