5.5
CVE-2026-43142
- EPSS 0.13%
- Veröffentlicht 06.05.2026 11:27:26
- Zuletzt bearbeitet 13.05.2026 18:41:13
- CVE-Watchlists
- Unerledigt
media: iris: gen1: Destroy internal buffers after FW releases
In the Linux kernel, the following vulnerability has been resolved: media: iris: gen1: Destroy internal buffers after FW releases After the firmware releases internal buffers, the driver was not destroying them. This left stale allocations that were no longer used, especially across resolution changes where new buffers are allocated per the updated requirements. As a result, memory was wasted until session close. Destroy internal buffers once the release response is received from the firmware.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.15 < 6.18.16
Linux ≫ Linux Kernel Version >= 6.19 < 6.19.6
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.026 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/7cde76db8883ec8a3d1456068079ecadbfb15ca5
https://git.kernel.org/stable/c/d4457f23ac0130240053a34be663f0fade3bb371
https://git.kernel.org/stable/c/1dabf00ee206eceb0f08a1fe5d1ce635f9064338