CVE-2026-8050 | In SignalRGB versions prior to 1.3.7.0, seven of the thirtee…

Description

In SignalRGB versions prior to 1.3.7.0, seven of the thirteen IOCTL handlers dereference the SystemBuffer pointer without first verifying that it is non-NULL. Sending an IOCTL with an empty input buffer causes a NULL pointer dereference, resulting in a kernel crash.

Metadata

CVE ID: CVE-2026-8050
State: PUBLISHED
Assigner: certcc
Reserved: 2026-05-06 17:40 UTC
Published: 2026-06-17 21:05 UTC
Last updated: 2026-06-17 21:05 UTC
Vendor / Product: SignalRGB / SignalRGB kernel driver
Sources: cve.org · NVD

Severity & Metrics

No CVSS data available.

Affected products (1)

Vendor	Product	Platform	Versions
SignalRGB	SignalRGB kernel driver	—	0 < 1.3.7.0

Weakness (CWE)

CWE	Source	Description
—	cna	CWE-476 NULL Pointer Dereference

References (1)

https://kb.cert.org/vuls/id/380058