CVE Catalog

CVE-2026-46235

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.01%

2th percentile - higher than 2% of all known CVEs

Summary

In the Linux kernel, a vulnerability related to the lack of checks for return values from ioremap in the saa7164_dev_setup() function has been resolved. In case of failure, already allocated PCI memory regions are released and the device is removed from the global list.

Risk Assessment

The absence of proper checks may lead to null pointer dereferences, jeopardizing system stability. Improper resource management in case of memory mapping failures can result in memory leaks.

Recommendation

It is recommended to update the Linux kernel to the latest version to benefit from the fixes related to this vulnerability. Additionally, monitor the system for potential memory-related issues.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: media: saa7164: add ioremap return checks and cleanups Add checks for ioremap return values in saa7164_dev_setup(). If ioremap for BAR0 or BAR2 fails, release the already allocated PCI memory regions, remove the device from the global list, decrement the device count, and return -ENODEV. This prevents potential null pointer dereferences and ensures proper cleanup on memory mapping failures.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS