Description
In the Linux kernel, the following vulnerability has been resolved:

media: ipu6: Fix RPM reference leak in probe error paths

Several error paths in ipu6_pci_probe() were jumping directly to
out_ipu6_bus_del_devices without releasing the runtime PM reference.
Add pm_runtime_put_sync() before cleaning up other resources.
Published: 2026-05-06
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Linux kernel’s IPU6 media driver contains a bug in ipu6_pci_probe() where error paths skip a pm_runtime_put_sync() call, leaving a runtime power‑management reference undisposed. This results in a non‑decremented reference count that can grow each time the probe fails, potentially exhausting kernel resources. The vulnerability does not grant code execution or privilege escalation, but it weakens system availability by increasing kernel memory pressure and risk of instability.

Affected Systems

Systems running Linux kernels that include the IPU6 media driver are affected. The advisory does not enumerate specific kernel versions; the patch applies to upstream releases that contain the modified ipu6_pci_probe() routine. Thus any kernel build that includes the legacy implementation without the added runtime‑PM release is vulnerable.

Risk and Exploitability

The CVE entry does not provide an EPSS score or a KEV status, indicating that exploitation has not been observed. Based on the description, the likely attack vector is a local or privileged user that can induce probe failures on the IPU6 device, causing repeated unreleased references to accumulate. This can lead to resource exhaustion and could destabilize the system. The severity is moderate, as the flaw requires access to the PCI subsystem and does not allow arbitrary code execution.

Generated by OpenCVE AI on May 6, 2026 at 16:38 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the Linux kernel to a release that includes the patch adding pm_runtime_put_sync() to all ipu6_pci_probe() error paths.
  • If an immediate kernel upgrade is not possible, block or disable the IPU6 driver from probing by blacklisting the corresponding PCI devices to avoid exercising the error path.
  • Maintain the kernel and all media driver components at the latest stable upstream release to benefit from security and stability improvements.

Generated by OpenCVE AI on May 6, 2026 at 16:38 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 06 May 2026 17:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-391

Wed, 06 May 2026 12:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: media: ipu6: Fix RPM reference leak in probe error paths Several error paths in ipu6_pci_probe() were jumping directly to out_ipu6_bus_del_devices without releasing the runtime PM reference. Add pm_runtime_put_sync() before cleaning up other resources.
Title media: ipu6: Fix RPM reference leak in probe error paths
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-06T11:27:50.843Z

Reserved: 2026-05-01T14:12:55.991Z

Link: CVE-2026-43177

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-06T12:16:36.190

Modified: 2026-05-06T13:07:51.607

Link: CVE-2026-43177

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-06T16:45:07Z

Weaknesses