114 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: The issue related to media:imagination: a potential memory leak was fixed in e5010probe. Additionally, videodevicerelease was added to release the memory allocated by videodevicealloc in case of any issues...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Set video drvdata before registering the video device The video drvdata should be set before the video device is registered. Otherwise, videodrvdata may return NULL in the open file operations, leading to errors...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: media: ov2740: Fixed a memory leak in ov2740initcontrols There is a memory leak when testing the media/i2c/ov2740.c file using bpf mock. Unreferenced object: 0xffff8881090e19e0 size 16: Command “51-i2c-ov2740”, PID 278, jiffies...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: - In media:meson:vdec, a possible refcount leak has been fixed in vdecprobe. - It is necessary to call v4l2deviceunregister to reset the refcount obtained by v4l2deviceregister when vdecprobe fails or vdecremove is called...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: media: cx231xx: set devicecaps for 417 The videodevice of the MPEG encoder did not set devicecaps. This needs to be added; otherwise, the videodevice cannot be registered a WARNON message will be generated instead. This issue was...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: media: amphion: Set video drvdata before registering the video device. video drvdata should be set before the video device is registered; otherwise, videodrvdata may return NULL in the open file operations, leading to errors...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: staging: media: zoran: move videodevalloc. Some code has been moved out of zr36057init, and new functions have been created to handle zr-videodev. This allows for easier code reading and fixes a memory leak related to...
SUSE CVE-2026-43229
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of the remove function to ensure all video operations are stopped before cleaning up the worker thread...
CVE-2026-43290 media: uvcvideo: Return queued buffers on start_streaming() failure
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Return queued buffers on startstreaming failure Return buffers if streaming fails to start due to uvcpmget error. This bug may be responsible for a warning I got running while :; do yavta -c3 /dev/video0; done on...
CVE-2026-43189
A flaw was found in the v4l2-async component of the Linux kernel. Improper error handling during asynchronous video device matching can lead to a null pointer dereference. This issue could allow a local attacker to trigger a system crash, resulting in a Denial of Service DoS...
EUVD-2026-27792
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of the remove function to ensure all video operations are stopped before cleaning up the worker thread...
EUVD-2026-27790
In the Linux kernel, the following vulnerability has been resolved: media: radio-keene: fix memory leak in error path Fix a memory leak in usbkeeneprobe. The v4l2 control handler is initialized and controls are added, but if v4l2deviceregister or videoregisterdevice fails afterward, the handler w...
CVE-2026-43229
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of the remove function to ensure all video operations are stopped before cleaning up the worker thread...
CVE-2026-43229 media: chips-media: wave5: Fix device cleanup order to prevent kernel panic
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of the remove function to ensure all video operations are stopped before cleaning up the worker thread...
PT-2026-37569
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of the remove function to ensure all video operations are stopped before cleaning up the worker thread...
CVE-2026-31583 media: em28xx: fix use-after-free in em28xx_v4l2_open()
In the Linux kernel, the following vulnerability has been resolved: media: em28xx: fix use-after-free in em28xxv4l2open em28xxv4l2open reads dev-v4l2 without holding dev-lock, creating a race with em28xxv4l2init's error path and em28xxv4l2fini, both of which free the em28xxv4l2 struct and set...
CVE-2026-31576
CVE-2026-31576 affects the Linux kernel hackrf driver. A race condition allows use-after-free and double-free when memory for the hackrf device is freed on the error path after probe() has registered the device. Open file descriptors and in-flight I/O can still reference the device while v4l2/vid...
CVE-2026-31576
In the Linux kernel, the following vulnerability has been resolved: media: hackrf: fix to not free memory after the device is registered in hackrfprobe In hackrf driver, the following race condition occurs: CPU0 CPU1 hackrfprobe kzalloc; // alloc hackrfdev .... v4l2deviceregister; .... fd =...
PT-2026-34378
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the media mc and v4l2 components where MEDIA REQUEST IOC REINIT can run concurrently with VIDIOC REQBUFS0 queue teardown paths. This concurrency can cause...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013492)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013492 advisory. In the Linux kernel, the following vulnerability has been resolved: media: cx231xx: set devicecaps for 417 The videodevice for the MPEG encoder did not set devicecap...