A vulnerability classified as critical was found in Linux Kernel up to 7.0.6/7.1-rc2 . Impacted is the function kzalloc_flex of the component staging . The manipulation results in null pointer dereference. This vulnerability is cataloged as CVE-2026-46305 . The attack must originate from the local network. There is no exploit available. Upgrading the affected component is advised.