CVE-2026-43217 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: media: iris: gen2: Add sanity check for session stop In iris_kill_session, inst->state is set to IRIS_INST_ERROR and session_close is executed, which will kfree(inst_hfi_gen2->packet). If stop_streaming is called afterward, it will cause a crash. Add a NULL check for inst_hfi_gen2->packet before sendling STOP packet to firmware to fix that.

PUBLISHED Reserved 2026-05-01 | Published 2026-05-06 | Updated 2026-05-06 | Assigner Linux

Product status

Default status

unaffected

11712ce70f8e52fc94365b48ee15aec806b02422 (git) before 72846441c5f6396de9face04e77fa3d28e9915b6

affected

11712ce70f8e52fc94365b48ee15aec806b02422 (git) before 75992ba43072674fd4767df62a1fe2048565cc60

affected

11712ce70f8e52fc94365b48ee15aec806b02422 (git) before 9aa8d63d09cfc44d879427cc5ba308012ca4ab8e

affected

Default status

affected

6.15

affected

Any version before 6.15

unaffected

6.18.16 (semver)

unaffected

6.19.6 (semver)

unaffected

7.0 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/72846441c5f6396de9face04e77fa3d28e9915b6

git.kernel.org/...c/75992ba43072674fd4767df62a1fe2048565cc60

git.kernel.org/...c/9aa8d63d09cfc44d879427cc5ba308012ca4ab8e

cve.org (CVE-2026-43217)

nvd.nist.gov (CVE-2026-43217)

Download JSON

help @ threatint.eu