High severity7.8NVD Advisory· Published May 28, 2026· Updated Jun 10, 2026
CVE-2026-46240
CVE-2026-46240
Description
In the Linux kernel, the following vulnerability has been resolved:
media: iris: Fix use-after-free in iris_release_internal_buffers()
The recent change in commit 1dabf00ee206 ("media: iris: gen1: Destroy internal buffers after FW releases") introduced a regression where session_release_buf() may free the buffer. The caller, iris_release_internal_buffers(), continued to access buffer after the call, leading to a potential use-after-free.
Fix this by setting BUF_ATTR_PENDING_RELEASE before calling session_release_buf(), and reverting the flag if the call fails. This ensures no dereference occurs after potential freeing.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6- osv-coords2 versions
< 6.18.32+ 1 more
- (no CPE)range: < 6.18.32
- (no CPE)range: < 7.0.11-1.1
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.