{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-43263","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2026-05-01T14:12:55.997Z","datePublished":"2026-05-06T11:28:50.188Z","dateUpdated":"2026-05-11T22:21:10.712Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T22:21:10.712Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: chips-media: wave5: Fix Null reference while testing fluster\n\nWhen multi instances are created/destroyed, many interrupts happens\nand structures for decoder are removed.\n\"struct vpu_instance\" this structure is shared for all flow in the decoder,\nso if the structure is not protected by lock, Null dereference\ncould happens sometimes.\nIRQ Handler was spilt to two phases and Lock was added as well."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH"}}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/media/platform/chips-media/wave5/wave5-helper.c","drivers/media/platform/chips-media/wave5/wave5-helper.h","drivers/media/platform/chips-media/wave5/wave5-vpu-dec.c","drivers/media/platform/chips-media/wave5/wave5-vpu-enc.c","drivers/media/platform/chips-media/wave5/wave5-vpu.c","drivers/media/platform/chips-media/wave5/wave5-vpuapi.h"],"versions":[{"version":"9707a6254a8a6b978bde811a44fe07d86c229d1c","lessThan":"ea316b784fe6a61b29131c98cddb24e651b1dcbc","status":"affected","versionType":"git"},{"version":"9707a6254a8a6b978bde811a44fe07d86c229d1c","lessThan":"d12bcf183ec7da4305d848068d15f18044eaf62a","status":"affected","versionType":"git"},{"version":"9707a6254a8a6b978bde811a44fe07d86c229d1c","lessThan":"e66ff2b08e4ee1c4d3b84f24818e5bcc178cc3a4","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/media/platform/chips-media/wave5/wave5-helper.c","drivers/media/platform/chips-media/wave5/wave5-helper.h","drivers/media/platform/chips-media/wave5/wave5-vpu-dec.c","drivers/media/platform/chips-media/wave5/wave5-vpu-enc.c","drivers/media/platform/chips-media/wave5/wave5-vpu.c","drivers/media/platform/chips-media/wave5/wave5-vpuapi.h"],"versions":[{"version":"6.8","status":"affected"},{"version":"0","lessThan":"6.8","status":"unaffected","versionType":"semver"},{"version":"6.18.16","lessThanOrEqual":"6.18.*","status":"unaffected","versionType":"semver"},{"version":"6.19.6","lessThanOrEqual":"6.19.*","status":"unaffected","versionType":"semver"},{"version":"7.0","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8","versionEndExcluding":"6.18.16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8","versionEndExcluding":"6.19.6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8","versionEndExcluding":"7.0"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/ea316b784fe6a61b29131c98cddb24e651b1dcbc"},{"url":"https://git.kernel.org/stable/c/d12bcf183ec7da4305d848068d15f18044eaf62a"},{"url":"https://git.kernel.org/stable/c/e66ff2b08e4ee1c4d3b84f24818e5bcc178cc3a4"}],"title":"media: chips-media: wave5: Fix Null reference while testing fluster","x_generator":{"engine":"bippy-1.2.0"}}}}