NULL Pointer Dereference Vulnerability in Linux Kernel Rockchip Media Interface
CVE-2026-46222

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 28 May 2026

What is CVE-2026-46222?

A vulnerability in the Linux kernel's Rockchip media interface can lead to a NULL pointer dereference when the stream is activated. This occurs due to the absence of necessary checks for connected devices, which could allow an attacker to exploit this flaw, resulting in potential system crashes or unpredictable behavior. The vulnerability is found in the rkcif_interface_enable_streams function, which does not adequately ensure that required device pads are connected before initiating the stream.

Affected Version(s)

Linux 85411d17bee99b0a99e983f37188f9cdacfded54 < 318142640590342bfec7aa06d0bdcd0ddbf953d0

Linux 85411d17bee99b0a99e983f37188f9cdacfded54 < 8e3c751259dc2d1325838eff26f41032523c7b57

Linux 6.19

References

https://git.kernel.org/stable/c/318142640590342bfec7aa06d...

https://git.kernel.org/stable/c/8e3c751259dc2d1325838eff2...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 28, 2026
Vulnerability Reserved
May 13, 2026

CVE-2026-46222 Data

JSON