CVE-2026-46310

Summary

In the Linux kernel, the following vulnerability has been resolved:

media: renesas: vsp1: Fix NULL pointer deref on module unload

When unloading the module on gen 4, we hit a NULL pointer dereference. This is caused by the cleanup code calling vsp1_drm_cleanup() where it should be calling vsp1_vspx_cleanup().

Fix this by checking the IP version and calling the drm or vspx function accordingly, the same way as the init code does.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxd06c1a9f348d22478c6bc5684f9c990e15ada1e9 < bfb2081ba00afbbd15a5ed1ed1acdc3edeea5a98affected
LinuxLinuxd06c1a9f348d22478c6bc5684f9c990e15ada1e9 < c4bb1515b26663e5230603892e67f2cc7df9f0caaffected
LinuxLinuxd06c1a9f348d22478c6bc5684f9c990e15ada1e9 < 58b1e9664d8f74d55d8411cc7a7b275a76a6f24faffected
LinuxLinux6.17affected
LinuxLinux0 < 6.17unaffected
LinuxLinux6.18.32 <= 6.18.*unaffected
LinuxLinux7.0.9 <= 7.0.*unaffected
LinuxLinux7.1 <= *unaffected

Weaknesses

References