CVE-2026-43151
Awaiting Analysis Awaiting Analysis - Queue
Revert Fix for Iris Media Driver Stop Streaming Issue in Linux Kernel

Publication date: 2026-05-06

Last updated on: 2026-05-06

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: Revert "media: iris: Add sanity check for stop streaming" This reverts commit ad699fa78b59241c9d71a8cafb51525f3dab04d4. Revert the check that skipped stop_streaming when the instance was in IRIS_INST_ERROR, as it caused multiple regressions: 1. Buffers were not returned to vb2 when the instance was already in error state, triggering warnings in the vb2 core because buffer completion was skipped. 2. If a session failed early (e.g. unsupported configuration), the instance transitioned to IRIS_INST_ERROR. When userspace attempted to stop streaming for cleanup, stop_streaming was skipped due to the added check, preventing proper teardown and leaving the firmware in an inconsistent state.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-06
Last Modified
2026-05-06
Generated
2026-06-16
AI Q&A
2026-05-06
EPSS Evaluated
2026-06-15
NVD
CVE-2026-43151
EUVD
EUVD-2026-27714
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
linux linux_kernel *
linux_kernel linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in the Linux kernel relates to a reverted change in the media iris driver that had added a sanity check for stopping streaming. The reverted commit had skipped the stop_streaming operation when the instance was in an error state (IRIS_INST_ERROR). This caused multiple issues: buffers were not returned properly, triggering warnings, and if a session failed early, the stop_streaming was skipped, preventing proper cleanup and leaving the firmware in an inconsistent state.

Impact Analysis

The impact of this vulnerability includes improper handling of streaming sessions in error states. Specifically, buffers may not be returned correctly, causing warnings and potential resource leaks. Additionally, failure to properly stop streaming can leave the firmware in an inconsistent state, which may affect device stability and reliability.

Mitigation Strategies

The vulnerability was resolved by reverting a commit that added a problematic sanity check in the Linux kernel media iris driver. To mitigate this vulnerability, you should update your Linux kernel to a version that includes this revert, ensuring the stop_streaming function properly handles instances in the IRIS_INST_ERROR state.

  • Check your current Linux kernel version.
  • Update the Linux kernel to the latest stable release that contains the fix.
  • Restart the system after the kernel update to apply changes.
Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-43151. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart