PatchSiren cyber security CVE debrief
CVE-2026-46313 Linux CVE debrief
A vulnerability has been resolved in the Linux kernel related to the media: intel/ipu6 module. The vulnerability is caused by a potential error pointer dereference in the ipu6_pci_probe() function. In an error path, isp->psys is confirmed to be an error pointer, not NULL, and is subsequently dereferenced. To fix this issue, isp->psys should be set to NULL before going to out_ipu6_bus_del_devices.
- Vendor
- Linux
- Product
- Unknown
- CVSS
- Unknown
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-08
- Original CVE updated
- 2026-06-08
- Advisory published
- 2026-06-08
- Advisory updated
- 2026-06-08
Who should care
Users of the Linux kernel with the media: intel/ipu6 module enabled should be aware of this vulnerability.
Technical summary
The vulnerability is caused by a potential error pointer dereference in the ipu6_pci_probe() function. In an error path, isp->psys is confirmed to be an error pointer, not NULL, and is subsequently dereferenced.
Defensive priority
medium
Recommended defensive actions
- Apply the patches provided by the Linux kernel maintainers to fix the vulnerability.
- Review the code changes to ensure that the fix is properly implemented.
Evidence notes
The vulnerability was detected by Smatch.
Official resources
-
CVE-2026-46313 CVE record
CVE.org
-
CVE-2026-46313 NVD detail
NVD
-
Source item URL
nvd_modified
-
Source reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67
-
Source reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67
-
Source reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67
-
Source reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67
public