CVE-2026-43177
RPM Reference Leak in Linux Kernel IPU6 Driver
Publication date: 2026-05-06
Last updated on: 2026-05-06
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is related to the Linux kernel's media subsystem, specifically the ipu6 driver. It involves a reference leak of the runtime power management (PM) in error paths of the ipu6_pci_probe() function. Some error handling paths were skipping the proper release of the runtime PM reference, which could lead to resource management issues. The fix involved adding a call to pm_runtime_put_sync() before cleaning up other resources to ensure the runtime PM reference is correctly released.
How can this vulnerability impact me? :
The impact of this vulnerability is primarily related to resource management within the Linux kernel's media driver. If the runtime PM reference is not properly released, it could lead to resource leaks, potentially causing increased power consumption or instability in the affected system components. However, no specific CVSS score or detailed impact information is provided.