SUSE CVE-2026-43136

In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Check maxfield in hidppgetreportlength Do not crash when a report has no fields. Fake USB gadgets can send their own HID report descriptors and can define report structures without valid fields. This can be...

Astra Linux – Vulnerability in Qemu

An infinite loop flaw was discovered in the e1000 NIC emulator of QEMU. This issue occurs when processing transmit tx descriptors in processtxdesc, especially if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handling cameras with invalid descriptors If the source entity does not contain any pads, do not create a link...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003828)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003828 advisory. An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004063)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004063 advisory. In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlinkcit.c aka the Xirlink camera USB driver mishandles invalid descriptors, aka CID-a246b4d54770. Tenabl...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004382)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004382 advisory. In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlinkcit.c aka the Xirlink camera USB driver mishandles invalid descriptors, aka CID-a246b4d54770. Tenabl...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000404)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000404 advisory. In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlinkcit.c aka the Xirlink camera USB driver mishandles invalid descriptors, aka CID-a246b4d54770. Tenabl...

Unity Linux 20.1060a Security Update: kernel (UTSA-2025-993240)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993240 advisory. In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain an...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992191)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992191 advisory. In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain an...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992394)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992394 advisory. In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain an...

SUSE CVE-2023-53437

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain any pads, do not create a link...

CVE-2023-53437

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain any pads, do not create a link...

CVE-2023-53437

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain any pads, do not create a link...

DEBIAN-CVE-2023-53437

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain any pads, do not create a link...

UBUNTU-CVE-2023-53437

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain any pads, do not create a link...

CVE-2023-53437

CVE-2023-53437 affects the Linux kernel media: uvcvideo driver. The vulnerability arises when handling cameras with invalid descriptors, potentially enabling local attacker access due to improper link handling when a source entity has no pads. Public docs (OpenVAS/Nessus summaries) list updates t...

CVE-2023-53437 media: uvcvideo: Handle cameras with invalid descriptors

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain any pads, do not create a link...

CVE-2023-53437 media: uvcvideo: Handle cameras with invalid descriptors

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain any pads, do not create a link...

CVE-2023-53437 media: uvcvideo: Handle cameras with invalid descriptors

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain any pads, do not create a link...

PT-2025-38456

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where cameras with invalid descriptors are not handled correctly. Specifically, if a source entity lacks pads, a link is incorrectly created...