801 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Initialize subdev before controls In the function ov5647initcontrols, we call v4l2getsubdevdata, but this initialization is actually done by v4l2i2csubdevinit within the probe function. Currently, this happens...
CVE-2025-59610 Time-of-check Time-of-use (TOCTOU) Race Condition in Camera Driver
Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent modification of user-space buffer...
CVE-2025-59610 Time-of-check Time-of-use (TOCTOU) Race Condition in Camera Driver
Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent modification of user-space buffer...
EUVD-2026-19331
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver...
CVE-2026-21376
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver...
CVE-2026-21378 Buffer Over-read in Camera
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver...
CVE-2026-21376 Buffer Over-read in Camera
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver...
CVE-2025-47391 Stack-based Buffer Overflow in Camera Driver
Memory corruption while processing a frame request from user...
CVE-2025-47391
CVE-2025-47391 corresponds to a memory corruption issue described in connected records as a stack-based buffer overflow in a camera driver, triggered during processing of a frame request from user. The CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) indicates local attack vector with low pr...
CVE-2025-47391 Stack-based Buffer Overflow in Camera Driver
Memory corruption while processing a frame request from user...
CVE-2025-47390 Buffer Over-read in Camera
Memory corruption while preprocessing IOCTL request in JPEG driver...
CVE-2025-47390
CVE-2025-47390 describes memory corruption during preprocessing of an IOCTL request in the JPEG driver (also referenced as a Camera-related issue). The vulnerability is categorized with high impact (CVSSv3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and requires local access with low privileges; ther...
CVE-2025-47374
CVE-2025-47374 involves a use-after-free in the camera driver leading to memory corruption. Reported cause: memory access to freed memory due to concurrent fence deregistration and signal handling. Affected component is the camera driver; impact as described is memory corruption with potential im...
CVE-2025-47374 Use After Free in Camera Driver
Memory Corruption when accessing freed memory due to concurrent fence deregistration and signal handling...
CVE-2025-47374 Use After Free in Camera Driver
Memory Corruption when accessing freed memory due to concurrent fence deregistration and signal handling...
PT-2026-30646
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004382)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004382 advisory. In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlinkcit.c aka the Xirlink camera USB driver mishandles invalid descriptors, aka CID-a246b4d54770. Tenabl...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004063)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004063 advisory. In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlinkcit.c aka the Xirlink camera USB driver mishandles invalid descriptors, aka CID-a246b4d54770. Tenabl...
CVE-2019-2290
Multiple open and close from multiple threads will lead camera driver to access destroyed session data pointer in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W,...
CVE-2025-47344
CVE-2025-47344 is linked to memory corruption in sensor utility handling (affecting Qualcomm chipsets and related camera/sensor drivers). The Red Hat, NVD, and CVE lists describe a local exploit surface with high impact to confidentiality, integrity, and availability, caused by issues in processi...