CVE-2026-43217 - Vulnerability Details

- media: iris: gen2: Add sanity check for session stop

Description

In the Linux kernel, the following vulnerability has been resolved:

media: iris: gen2: Add sanity check for session stop

In iris_kill_session, inst->state is set to IRIS_INST_ERROR and
session_close is executed, which will kfree(inst_hfi_gen2->packet).
If stop_streaming is called afterward, it will cause a crash.

Add a NULL check for inst_hfi_gen2->packet before sendling STOP packet
to firmware to fix that.

Published: 2026-05-06

Score: n/a

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`11712ce70f8e52fc94365b48ee15aec806b02422`	affected	< 72846441c5f6396de9face04e77fa3d28e9915b6
`11712ce70f8e52fc94365b48ee15aec806b02422`	affected	< 75992ba43072674fd4767df62a1fe2048565cc60
`11712ce70f8e52fc94365b48ee15aec806b02422`	affected	< 9aa8d63d09cfc44d879427cc5ba308012ca4ab8e

Linux

affected

Version	Status	Constraints
`6.15`	affected	—
`0`	unaffected	< 6.15
`6.18.16`	unaffected	≤ 6.18.*
`6.19.6`	unaffected	≤ 6.19.*
`7.0`	unaffected	≤ *

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/72846441c5f6396de9face04e77fa3d28e9915b6
https://git.kernel.org/stable/c/75992ba43072674fd4767df62a1fe2048565cc60
https://git.kernel.org/stable/c/9aa8d63d09cfc44d879427cc5ba308012ca4ab8e

History

Wed, 06 May 2026 12:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: media: iris: gen2: Add sanity check for session stop In iris_kill_session, inst->state is set to IRIS_INST_ERROR and session_close is executed, which will kfree(inst_hfi_gen2->packet). If stop_streaming is called afterward, it will cause a crash. Add a NULL check for inst_hfi_gen2->packet before sendling STOP packet to firmware to fix that.
Title		media: iris: gen2: Add sanity check for session stop
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/72846441c5f6396de9face04e77fa3d28e9915b6 https://git.kernel.org/stable/c/75992ba43072674fd4767df62a1fe2048565cc60 https://git.kernel.org/stable/c/9aa8d63d09cfc44d879427cc5ba308012ca4ab8e

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-06T11:28:18.922Z

Updated: 2026-05-06T11:28:18.922Z

Reserved: 2026-05-01T14:12:55.993Z

Link: CVE-2026-43217

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-06T12:16:41.300

Modified: 2026-05-06T13:07:51.607

Link: CVE-2026-43217

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object