CVE-2026-43142
Memory Leak in Linux Kernel Iris Gen1 Driver
Publication date: 2026-05-06
Last updated on: 2026-05-06
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
The vulnerability has been resolved by destroying internal buffers after the firmware releases them in the Linux kernel iris gen1 driver. To mitigate this vulnerability, you should update your Linux kernel to a version that includes this fix.
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's media iris gen1 driver. After the firmware releases internal buffers, the driver was not properly destroying these buffers. This caused stale memory allocations to remain, especially when resolution changes led to new buffers being allocated. As a result, memory was wasted until the session was closed.
The fix involves destroying internal buffers once the release response is received from the firmware, preventing the buildup of unused memory allocations.
How can this vulnerability impact me? :
This vulnerability can lead to inefficient memory usage because stale internal buffers are not destroyed after they are released by the firmware. Over time, especially during resolution changes where new buffers are allocated, this can cause wasted memory until the session is closed.
The impact is primarily related to resource wastage, which could degrade system performance or stability if memory consumption grows excessively.