Linux Kernel: Null Pointer Deref in intel_hdcp_gsc_check_status()
CVE-2026-46216 Published on May 28, 2026
drm/xe/hdcp: Add NULL check for media_gt in intel_hdcp_gsc_check_status()
In the Linux kernel, the following vulnerability has been resolved:
drm/xe/hdcp: Add NULL check for media_gt in intel_hdcp_gsc_check_status()
When media GT is disabled via configfs, there is no allocation for
media_gt, which is kept as NULL. In such scenario,
intel_hdcp_gsc_check_status() results in a kernel pagefault error due to
>->uc.gsc being evaluated as an invalid memory address.
Fix that by introducing a NULL check on media_gt and bailing out early
if so.
While at it, also drop the NULL check for gsc, since it can't be NULL if
media_gt is not NULL.
v2:
- Get address for gsc only after checking that gt is not NULL.
(Shuicheng)
- Drop the NULL check for gsc. (Shuicheng)
v3:
- Add "Fixes" and "Cc: <stable...>" tags. (Matt)
(cherry picked from commit bfaf87e84ca3ca3f6e275f9ae56da47a8b55ffd1)
Products Associated with CVE-2026-46216
Want to know whenever a new CVE is published for Linux Kernel? stack.watch will email you.
Affected Versions
Linux:- Version 4af50beb4e0f9e6aed9cd53436c099f1dba826f1 and below d8ab4b47edf4578dbfbe5e95817107a514fa34cc is affected.
- Version 4af50beb4e0f9e6aed9cd53436c099f1dba826f1 and below 60a1e131a811b68703da58fd805ab359b704ab03 is affected.
- Version 6.10 is affected.
- Before 6.10 is unaffected.
- Version 7.0.9, <= 7.0.* is unaffected.
- Version 7.1-rc3, <= * is unaffected.