CVE-2026-45969
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
A vulnerability has been identified in the Linux kernel within the ps_gamepad_create() function, which calls input_ff_create_memless() without verifying its return value. This can lead to incorrect behavior or potential crashes when FF effects are triggered.
Risk Assessment
The lack of return value verification may result in system instability or crashes, affecting the availability of services utilizing PlayStation controllers.
Recommendation
It is recommended to update the Linux kernel to a version where the return value check for input_ff_create_memless() has been added.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: HID: playstation: Add missing check for input_ff_create_memless The ps_gamepad_create() function calls input_ff_create_memless() without verifying its return value, which can lead to incorrect behavior or potential crashes when FF effects are triggered. Add a check for the return value of input_ff_create_memless().

