CVE-2026-46216

EUVD-2026-32843

28.05.2026, 10:16

In the Linux kernel, the following vulnerability has been resolved:

drm/xe/hdcp: Add NULL check for media_gt in intel_hdcp_gsc_check_status()

When media GT is disabled via configfs, there is no allocation for
media_gt, which is kept as NULL.  In such scenario,
intel_hdcp_gsc_check_status() results in a kernel pagefault error due to
&gt->uc.gsc being evaluated as an invalid memory address.

Fix that by introducing a NULL check on media_gt and bailing out early
if so.

While at it, also drop the NULL check for gsc, since it can't be NULL if
media_gt is not NULL.

v2:
  - Get address for gsc only after checking that gt is not NULL.
    (Shuicheng)
  - Drop the NULL check for gsc. (Shuicheng)
v3:
  - Add "Fixes" and "Cc: <stable...>" tags. (Matt)

(cherry picked from commit bfaf87e84ca3ca3f6e275f9ae56da47a8b55ffd1)

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	UNKNOWN				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 5%

Debian Releases

Debian Product

Codename

linux

bookworm	6.1.170-3 fixed
bookworm (security)	6.1.174-1 fixed
bullseye	5.10.223-1 fixed
bullseye (security)	5.10.257-1 fixed
forky	7.0.9-1 fixed
sid	7.0.10-1 fixed
trixie	vulnerable
trixie (security)	vulnerable

References

https://git.kernel.org/stable/c/60a1e131a811b68703da58fd805ab359b704ab03

https://git.kernel.org/stable/c/d8ab4b47edf4578dbfbe5e95817107a514fa34cc