{
  "public_date" : "2026-05-06T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: media: chips-media: wave5: Fix Null reference while testing fluster",
    "id" : "2467177",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2467177"
  },
  "cwe" : "CWE-476",
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nmedia: chips-media: wave5: Fix Null reference while testing fluster\nWhen multi instances are created/destroyed, many interrupts happens\nand structures for decoder are removed.\n\"struct vpu_instance\" this structure is shared for all flow in the decoder,\nso if the structure is not protected by lock, Null dereference\ncould happens sometimes.\nIRQ Handler was spilt to two phases and Lock was added as well.", "A flaw was found in the Linux kernel's chips-media wave5 driver. This vulnerability occurs when multiple instances are created and destroyed, leading to many interrupts. Without proper lock protection for the shared `vpu_instance` structure, a Null dereference can occur, potentially causing a system crash and resulting in a Denial of Service (DoS)." ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-43263\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-43263\nhttps://lore.kernel.org/linux-cve-announce/2026050607-CVE-2026-43263-9e78@gregkh/T" ],
  "name" : "CVE-2026-43263",
  "csaw" : false
}