SB2026040661 - NULL pointer dereference in Linux kernel i915 display driver
Published: April 6, 2026
Security Bulletin ID
SB2026040661
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2026-23467)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a NULL pointer dereference in the intel_dmc_update_dc6_allowed_count() function when initializing display power management during device probe. A local user can trigger the vulnerable code path to cause a denial of service.
The issue occurs when DMC has not been initialized and the dmc pointer is NULL. It is triggered only under specific DC state conditions during probe, making the failure mode unlikely.
Remediation
Install update from vendor's website.