media: chips-media: wave5: Fix device cleanup order to prevent kernel panic

MITRE NVD CVE.ORG JSON API Print: PDF PDF

Summary

CVECVE-2026-43229
StatePUBLISHED
AssignerLinux
Source PriorityCVE Program / NVD first with legacy fallback
Published2026-05-06 12:16:42 UTC
Updated2026-05-08 21:08:53 UTC
DescriptionIn the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of the remove function to ensure all video operations are stopped before cleaning up the worker thread and disabling PM runtime. This prevents hardware register access after the device has been powered down. In polling mode, the hrtimer periodically triggers wave5_vpu_timer_callback() which queues work to the kthread worker. The worker executes wave5_vpu_irq_work_fn() which reads hardware registers via wave5_vdi_read_register(). The original cleanup order disabled PM runtime and powered down hardware before unregistering video devices. When autosuspend triggers and powers off the hardware, the video devices are still registered and the worker thread can still be triggered by the hrtimer, causing it to attempt reading registers from powered-off hardware. This results in a bus error (synchronous external abort) and kernel panic. This causes random kernel panics during encoding operations: Internal error: synchronous external abort: 0000000096000010 [#1] PREEMPT SMP Modules linked in: wave5 rpmsg_ctrl rpmsg_char ... CPU: 0 UID: 0 PID: 1520 Comm: vpu_irq_thread Tainted: G M W pc : wave5_vdi_read_register+0x10/0x38 [wave5] lr : wave5_vpu_irq_work_fn+0x28/0x60 [wave5] Call trace: wave5_vdi_read_register+0x10/0x38 [wave5] kthread_worker_fn+0xd8/0x238 kthread+0x104/0x120 ret_from_fork+0x10/0x20 Code: aa1e03e9 d503201f f9416800 8b214000 (b9400000) ---[ end trace 0000000000000000 ]--- Kernel panic - not syncing: synchronous external abort: Fatal exception

Risk And Classification

Primary CVSS: v3.1 5.5 MEDIUM from [email protected]

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Problem Types: NVD-CWE-noinfo

CVSS v3.1 Breakdown

Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Operating System Linux Linux Kernel All All All All

Vendor Declared Affected Products

SourceVendorProductVersionPlatforms
CNA Linux Linux affected 9707a6254a8a6b978bde811a44fe07d86c229d1c b73d85231d5b1400a4fa5046cdac6c4d7cc6d969 git Not specified
CNA Linux Linux affected 9707a6254a8a6b978bde811a44fe07d86c229d1c 526816f2e331954d80fed8b37fa94efbbdde2b8d git Not specified
CNA Linux Linux affected 9707a6254a8a6b978bde811a44fe07d86c229d1c dc2b7deae740a3ed138fb7ae17c97fa4055cfc5f git Not specified
CNA Linux Linux affected 9707a6254a8a6b978bde811a44fe07d86c229d1c b74cedac643b02aefa7da881b58a3792859d9748 git Not specified
CNA Linux Linux affected 6.8 Not specified
CNA Linux Linux unaffected 6.8 semver Not specified
CNA Linux Linux unaffected 6.12.75 6.12.* semver Not specified
CNA Linux Linux unaffected 6.18.16 6.18.* semver Not specified
CNA Linux Linux unaffected 6.19.6 6.19.* semver Not specified
CNA Linux Linux unaffected 7.0 * original_commit_for_fix Not specified

References

ReferenceSourceLinkTags
git.kernel.org/stable/c/b73d85231d5b1400a4fa5046cdac6c4d7cc6d969 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org Patch
git.kernel.org/stable/c/526816f2e331954d80fed8b37fa94efbbdde2b8d 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org Patch
git.kernel.org/stable/c/b74cedac643b02aefa7da881b58a3792859d9748 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org Patch
git.kernel.org/stable/c/dc2b7deae740a3ed138fb7ae17c97fa4055cfc5f 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org Patch
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report