CVE-2026-46216
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
A vulnerability in the Linux kernel has been resolved by adding a NULL check for media_gt in the intel_hdcp_gsc_check_status() function. When media GT is disabled, the lack of allocation for media_gt leads to a kernel pagefault error.
Risk Assessment
This vulnerability may lead to operating system crashes, affecting service availability within the organization. If exploited, it could cause unexpected system behavior.
Recommendation
It is recommended to update the Linux kernel to the latest version to mitigate this vulnerability. Additionally, monitor configurations related to media GT in the system.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: drm/xe/hdcp: Add NULL check for media_gt in intel_hdcp_gsc_check_status() When media GT is disabled via configfs, there is no allocation for media_gt, which is kept as NULL. In such scenario, intel_hdcp_gsc_check_status() results in a kernel pagefault error due to >->uc.gsc being evaluated as an invalid memory address. Fix that by introducing a NULL check on media_gt and bailing out early if so. While at it, also drop the NULL check for gsc, since it can't be NULL if media_gt is not NULL. v2: - Get address for gsc only after checking that gt is not NULL. (Shuicheng) - Drop the NULL check for gsc. (Shuicheng) v3: - Add "Fixes" and "Cc: <stable...>" tags. (Matt) (cherry picked from commit bfaf87e84ca3ca3f6e275f9ae56da47a8b55ffd1)

