Linux Kernel Null Pointer Deref on Module Unload Renesas vsp1
CVE-2026-46310 Published on June 8, 2026
media: renesas: vsp1: Fix NULL pointer deref on module unload
In the Linux kernel, the following vulnerability has been resolved:
media: renesas: vsp1: Fix NULL pointer deref on module unload
When unloading the module on gen 4, we hit a NULL pointer dereference.
This is caused by the cleanup code calling vsp1_drm_cleanup() where it
should be calling vsp1_vspx_cleanup().
Fix this by checking the IP version and calling the drm or vspx function
accordingly, the same way as the init code does.
Products Associated with CVE-2026-46310
Want to know whenever a new CVE is published for Linux Kernel? stack.watch will email you.
Affected Versions
Linux:- Version d06c1a9f348d22478c6bc5684f9c990e15ada1e9 and below bfb2081ba00afbbd15a5ed1ed1acdc3edeea5a98 is affected.
- Version d06c1a9f348d22478c6bc5684f9c990e15ada1e9 and below c4bb1515b26663e5230603892e67f2cc7df9f0ca is affected.
- Version d06c1a9f348d22478c6bc5684f9c990e15ada1e9 and below 58b1e9664d8f74d55d8411cc7a7b275a76a6f24f is affected.
- Version 6.17 is affected.
- Before 6.17 is unaffected.
- Version 6.18.32, <= 6.18.* is unaffected.
- Version 7.0.9, <= 7.0.* is unaffected.
- Version 7.1-rc1, <= * is unaffected.