CVE-2026-43217

Summary

In the Linux kernel, the following vulnerability has been resolved:

media: iris: gen2: Add sanity check for session stop

In iris_kill_session, inst->state is set to IRIS_INST_ERROR and session_close is executed, which will kfree(inst_hfi_gen2->packet). If stop_streaming is called afterward, it will cause a crash.

Add a NULL check for inst_hfi_gen2->packet before sendling STOP packet to firmware to fix that.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux11712ce70f8e52fc94365b48ee15aec806b02422 < 72846441c5f6396de9face04e77fa3d28e9915b6affected
LinuxLinux11712ce70f8e52fc94365b48ee15aec806b02422 < 75992ba43072674fd4767df62a1fe2048565cc60affected
LinuxLinux11712ce70f8e52fc94365b48ee15aec806b02422 < 9aa8d63d09cfc44d879427cc5ba308012ca4ab8eaffected
LinuxLinux6.15affected
LinuxLinux0 < 6.15unaffected
LinuxLinux6.18.16 <= 6.18.*unaffected
LinuxLinux6.19.6 <= 6.19.*unaffected
LinuxLinux7.0 <= *unaffected

Weaknesses

References