79 matches found
CVE-2026-46058
A flaw was found in the Linux kernel, specifically within the amphion video processing unit VPU driver. A race condition, a situation where multiple operations occur in an unpredictable order, exists in the Video for Linux 2 V4L2 media-to-memory m2m framework. This vulnerability allows a local...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Media: v4l: async: Fixed NULL pointer dereferencing in adding auxiliary links. In v4l2asynccreateancillarylinks, auxiliary links are created for lens and flash sub-devices. These are links between sub-devices. If the async notifi...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix notifier list entry init The struct v4l2asyncnotifier contains several listhead members, but only waitinglist and donelist are initialized. The notifierentry was left “zeroed”, resulting in an uninitialized...
CVE-2026-43246
A flaw was found in the Linux kernel's tw9906 driver. An issue in an error path within the tw9906probe function can lead to a memory leak. Specifically, memory allocated during the initialization of the video for Linux 2 V4L2 control handler is not properly released, which could result in system...
EUVD-2026-27778
In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9903: Fix potential memory leak in tw9903probe In one of the error paths in tw9903probe, the memory allocated in v4l2ctrlhandlerinit and v4l2ctrlnewstd is not freed. Fix that by calling v4l2ctrlhandlerfree on the...
EUVD-2026-27751
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-async: Fix error handling on steps after finding a match Once an async connection is found to be matching with an fwnode, a sub-device may be registered in case it wasn't already, its bound operation is called,...
CVE-2026-43189
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-async: Fix error handling on steps after finding a match Once an async connection is found to be matching with an fwnode, a sub-device may be registered in case it wasn't already, its bound operation is called,...
CVE-2026-43189 media: v4l2-async: Fix error handling on steps after finding a match
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-async: Fix error handling on steps after finding a match Once an async connection is found to be matching with an fwnode, a sub-device may be registered in case it wasn't already, its bound operation is called,...
CVE-2026-43189
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-async: Fix error handling on steps after finding a match Once an async connection is found to be matching with an fwnode, a sub-device may be registered in case it wasn't already, its bound operation is called,...
PT-2026-37502
In the Linux kernel, the following vulnerability has been resolved: media: tegra-video: Fix memory leak in tegra channel try format The state object allocated by v4l2 subdev state alloc must be freed with v4l2 subdev state free when it is no longer needed. In tegra channel try format, two error...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-m2m: added a lock to protect the numrdy parameter. An error occurs when using KCSAN to check the driver. A lock was added to protect the numrdy parameter when retrieving its value using the functions:...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: media: ov5675: Fix memleak in ov5675initcontrols There is a kmemleak when testing the media/i2c/ov5675.c with bpf mock device: AssertionError: unreferenced object 0xffff888107362160 size 16: comm "python3", pid 277, jiffies...
CVE-2026-31583
In the Linux kernel, the following vulnerability has been resolved: media: em28xx: fix use-after-free in em28xxv4l2open em28xxv4l2open reads dev-v4l2 without holding dev-lock, creating a race with em28xxv4l2init's error path and em28xxv4l2fini, both of which free the em28xxv4l2 struct and set...
CVE-2026-31583
In the Linux kernel, the following vulnerability has been resolved: media: em28xx: fix use-after-free in em28xxv4l2open em28xxv4l2open reads dev-v4l2 without holding dev-lock, creating a race with em28xxv4l2init's error path and em28xxv4l2fini, both of which free the em28xxv4l2 struct and set...
PT-2026-34928
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the hackrf driver. When the hackrf probe function registers a device and subsequently encounters an error, it may free device memory using kfree while file...
CVE-2026-31473 media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex
In the Linux kernel, the following vulnerability has been resolved: media: mc, v4l2: serialize REINIT and REQBUFS with reqqueuemutex MEDIAREQUESTIOCREINIT can run concurrently with VIDIOCREQBUFS0 queue teardown paths. This can race request object cleanup against vb2 queue cancellation and lead to...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003810)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003810 advisory. An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver...
CVE-2023-54208
In the Linux kernel, the following vulnerability has been resolved: media: ov5675: Fix memleak in ov5675initcontrols There is a kmemleak when testing the media/i2c/ov5675.c with bpf mock device: AssertionError: unreferenced object 0xffff888107362160 size 16: comm "python3", pid 277, jiffies...
CVE-2023-54208
In the Linux kernel, the following vulnerability has been resolved: media: ov5675: Fix memleak in ov5675initcontrols There is a kmemleak when testing the media/i2c/ov5675.c with bpf mock device: AssertionError: unreferenced object 0xffff888107362160 size 16: comm "python3", pid 277, jiffies...
CVE-2022-50759
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5648: Free V4L2 fwnode data on unbind The V4L2 fwnode data structure doesn't get freed on unbind, which leads to a memleak...