HIGHCVE-2026-43263Published Modified CNA Linux
CVE-2026-43263: media: chips-media: wave5: Fix Null reference while testing fluster
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix Null reference while testing fluster When multi instances are created/destroyed, many interrupts happens and structures for decoder are removed. "struct vpu_instance" this structure is shared for all flow in the decoder, so if the structure is not protected by lock, Null dereference could happens sometimes. IRQ Handler was spilt to two phases and Lock was added as well.
Metrics
- CVSS v3.1
- 7.8
- Severity
- HIGH
- Fixed in
- 0
- Affected Products
- 2
Fix available
06.18.166.19.67.0d12bcf183ec7da4305d848068d15f18044eaf62ae66ff2b08e4ee1c4d3b84f24818e5bcc178cc3a4ea316b784fe6a61b29131c98cddb24e651b1dcbc
Affected packages
- Linux / Linux< ea316b784fe6a61b29131c98cddb24e651b1dcbc (from 9707a6254a8a6b978bde811a44fe07d86c229d1c) · < d12bcf183ec7da4305d848068d15f18044eaf62a (from 9707a6254a8a6b978bde811a44fe07d86c229d1c) · < e66ff2b08e4ee1c4d3b84f24818e5bcc178cc3a4 (from 9707a6254a8a6b978bde811a44fe07d86c229d1c)
- Linux / Linux6.8Fixed in 0, 6.18.16, 6.19.6, 7.0
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H