115 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: - media: meson: vdec: fixed a possible refcount leak in vdecprobe - v4l2deviceunregister must be called to reset the refcount obtained by v4l2deviceregister when vdecprobe fails or vdecremove is called...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: media: amphion: Set video drvdata before registering the video device. video drvdata should be set before the video device is registered; otherwise, videodrvdata may return NULL in the open file operations, leading to errors...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: cx231xx: set devicecaps for 417. The videodevice for the MPEG encoder did not set devicecaps. This issue needs to be addressed; otherwise, the videodevice cannot be registered a WARNON message will be generated. This issue...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Set video drvdata before registering the video device The video drvdata should be set before the video device is registered. Otherwise, videodrvdata may return NULL in the open file operations, leading to errors...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: imagination: A potential memory leak has been fixed in e5010probe. videodevicerelease has been added to release the memory allocated by videodevicealloc, in case of any issues...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: staging: media: zoran: move videodevalloc. Some code has been moved out of zr36057init, and new functions have been created to handle zr-videodev. This allows for easier code reading and fixes a memory leak related to...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: ov2740: Fixed a memory leak in ov2740initcontrols There is a memory leak when testing the media/i2c/ov2740.c file using bpf mock. Unreferenced object: 0xffff8881090e19e0 size 16: Command: “51-i2c-ov2740”, PID 278, jiffies...
CVE-2026-46815
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: VMSVGA device. The supported version that is affected is 7.2.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise...
SUSE CVE-2026-43229
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of the remove function to ensure all video operations are stopped before cleaning up the worker thread...
CVE-2026-43290 media: uvcvideo: Return queued buffers on start_streaming() failure
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Return queued buffers on startstreaming failure Return buffers if streaming fails to start due to uvcpmget error. This bug may be responsible for a warning I got running while :; do yavta -c3 /dev/video0; done on...
CVE-2026-43189
A flaw was found in the v4l2-async component of the Linux kernel. Improper error handling during asynchronous video device matching can lead to a null pointer dereference. This issue could allow a local attacker to trigger a system crash, resulting in a Denial of Service DoS...
EUVD-2026-27792
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of the remove function to ensure all video operations are stopped before cleaning up the worker thread...
EUVD-2026-27790
In the Linux kernel, the following vulnerability has been resolved: media: radio-keene: fix memory leak in error path Fix a memory leak in usbkeeneprobe. The v4l2 control handler is initialized and controls are added, but if v4l2deviceregister or videoregisterdevice fails afterward, the handler w...
CVE-2026-43229
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of the remove function to ensure all video operations are stopped before cleaning up the worker thread...
CVE-2026-43229 media: chips-media: wave5: Fix device cleanup order to prevent kernel panic
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of the remove function to ensure all video operations are stopped before cleaning up the worker thread...
PT-2026-37569
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of the remove function to ensure all video operations are stopped before cleaning up the worker thread...
CVE-2026-31583 media: em28xx: fix use-after-free in em28xx_v4l2_open()
In the Linux kernel, the following vulnerability has been resolved: media: em28xx: fix use-after-free in em28xxv4l2open em28xxv4l2open reads dev-v4l2 without holding dev-lock, creating a race with em28xxv4l2init's error path and em28xxv4l2fini, both of which free the em28xxv4l2 struct and set...
CVE-2026-31576
CVE-2026-31576 affects the Linux kernel hackrf driver. A race condition allows use-after-free and double-free when memory for the hackrf device is freed on the error path after probe() has registered the device. Open file descriptors and in-flight I/O can still reference the device while v4l2/vid...
CVE-2026-31576
In the Linux kernel, the following vulnerability has been resolved: media: hackrf: fix to not free memory after the device is registered in hackrfprobe In hackrf driver, the following race condition occurs: CPU0 CPU1 hackrfprobe kzalloc; // alloc hackrfdev .... v4l2deviceregister; .... fd =...
PT-2026-34378
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the media mc and v4l2 components where MEDIA REQUEST IOC REINIT can run concurrently with VIDIOC REQBUFS0 queue teardown paths. This concurrency can cause...