Description
In the Linux kernel, the following vulnerability has been resolved:

media: rockchip: rkcif: Add missing MUST_CONNECT flag to pads

The pads missed checks for connected devices which may a null dereference
when the stream is enabled.

Unable to handle kernel NULL pointer dereference at virtual address
0000000000000020
pc : rkcif_interface_enable_streams+0x48/0xf0
lr : rkcif_interface_enable_streams+0x44/0xf0
Call trace:
rkcif_interface_enable_streams+0x48/0xf0
v4l2_subdev_enable_streams+0x26c/0x3f0
rkcif_stream_start_streaming+0x140/0x278
vb2_start_streaming+0x74/0x188
vb2_core_streamon+0xe0/0x1d8
vb2_ioctl_streamon+0x60/0xa8
v4l_streamon+0x2c/0x40
__video_do_ioctl+0x34c/0x400
video_usercopy+0x2d0/0x800
video_ioctl2+0x20/0x60
v4l2_ioctl+0x48/0x78
Published: 2026-05-28
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The rkcif driver for Rockchip devices in the Linux kernel omitted a mandatory connection flag for its pads, causing a null pointer dereference when a media stream is enabled on a pad that is not connected. This flaw follows the CWE-166 pattern, resulting in a kernel oops and a system crash that halts media services and can affect overall system stability. Based on the description, the likely attack vector is that an actor enables a media stream on an unconnected pad within the rkcif subsystem, which may require local privileges or exploitation of existing media control interfaces.

Affected Systems

This vulnerability is confined to the Linux kernel’s rkcif media subsystem. All installations of the Linux kernel that include the rkcif driver and have not incorporated the recent patch adding the MUST_CONNECT flag check are affected. Devices built on Rockchip SoCs that enable the media framework are the primary targets.

Risk and Exploitability

EPSS score of < 1% indicates a very low but non‑zero likelihood of exploitation, though no public exploit has been reported. The kernel null pointer dereference can lead to a crash if an attacker can trigger a media stream on an unconnected pad, resulting in service disruption. The absence of documented exploits suggests it is inferred that the attack would require local privilege to trigger the stream‑enabling path. No public exploitation reports are cited in the available references; this statement is inferred from the absence of exploitation indicators and is not a confirmed finding. The vulnerability is not listed in CISA KEV, but the high impact on system stability warrants prompt mitigation.

Generated by OpenCVE AI on May 29, 2026 at 05:39 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Linux kernel to a version that includes the patch adding the MUST_CONNECT flag check for rkcif pads.
  • If an immediate kernel update is not possible, unload or disable the rkcif module to prevent media streaming until the fix is available.
  • Configure system log monitoring to alert on kernel Oops messages originating from rkcif_interface_enable_streams, as these indicate possible exploitation attempts.

Generated by OpenCVE AI on May 29, 2026 at 05:39 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 29 May 2026 04:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Fri, 29 May 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-166
References

Thu, 28 May 2026 13:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Thu, 28 May 2026 10:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: media: rockchip: rkcif: Add missing MUST_CONNECT flag to pads The pads missed checks for connected devices which may a null dereference when the stream is enabled. Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020 pc : rkcif_interface_enable_streams+0x48/0xf0 lr : rkcif_interface_enable_streams+0x44/0xf0 Call trace: rkcif_interface_enable_streams+0x48/0xf0 v4l2_subdev_enable_streams+0x26c/0x3f0 rkcif_stream_start_streaming+0x140/0x278 vb2_start_streaming+0x74/0x188 vb2_core_streamon+0xe0/0x1d8 vb2_ioctl_streamon+0x60/0xa8 v4l_streamon+0x2c/0x40 __video_do_ioctl+0x34c/0x400 video_usercopy+0x2d0/0x800 video_ioctl2+0x20/0x60 v4l2_ioctl+0x48/0x78
Title media: rockchip: rkcif: Add missing MUST_CONNECT flag to pads
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-28T09:40:38.777Z

Reserved: 2026-05-13T15:03:33.106Z

Link: CVE-2026-46222

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-28T10:16:37.823

Modified: 2026-05-28T13:44:01.663

Link: CVE-2026-46222

cve-icon Redhat

Severity :

Publid Date: 2026-05-28T00:00:00Z

Links: CVE-2026-46222 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-29T05:45:36Z

Weaknesses