CVE-2026-46310

Severity CVSS v4.0:
Pending analysis
Type:
CWE-476 NULL Pointer Dereference
Publication date:
08/06/2026
Last modified:
08/07/2026

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> media: renesas: vsp1: Fix NULL pointer deref on module unload<br /> <br /> When unloading the module on gen 4, we hit a NULL pointer dereference.<br /> This is caused by the cleanup code calling vsp1_drm_cleanup() where it<br /> should be calling vsp1_vspx_cleanup().<br /> <br /> Fix this by checking the IP version and calling the drm or vspx function<br /> accordingly, the same way as the init code does.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.17 (including) 6.18.32 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.19 (including) 7.0.9 (excluding)