CVE-2026-43217
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
media: iris: gen2: Add sanity check for session stop
In iris_kill_session, inst->state is set to IRIS_INST_ERROR and session_close is executed, which will kfree(inst_hfi_gen2->packet). If stop_streaming is called afterward, it will cause a crash.
Add a NULL check for inst_hfi_gen2->packet before sendling STOP packet to firmware to fix that.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 11712ce70f8e52fc94365b48ee15aec806b02422 < 72846441c5f6396de9face04e77fa3d28e9915b6 | affected |
| Linux | Linux | 11712ce70f8e52fc94365b48ee15aec806b02422 < 75992ba43072674fd4767df62a1fe2048565cc60 | affected |
| Linux | Linux | 11712ce70f8e52fc94365b48ee15aec806b02422 < 9aa8d63d09cfc44d879427cc5ba308012ca4ab8e | affected |
| Linux | Linux | 6.15 | affected |
| Linux | Linux | 0 < 6.15 | unaffected |
| Linux | Linux | 6.18.16 <= 6.18.* | unaffected |
| Linux | Linux | 6.19.6 <= 6.19.* | unaffected |
| Linux | Linux | 7.0 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/72846441c5f6396de9face04e77fa3d28e9915b6
- https://git.kernel.org/stable/c/75992ba43072674fd4767df62a1fe2048565cc60
- https://git.kernel.org/stable/c/9aa8d63d09cfc44d879427cc5ba308012ca4ab8e
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.