23 matches found
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Media: i2c: max9286 – Fix for kernel oops when removing the module When removing the max9286 module, a kernel oops occurs: Unable to handle kernel paging request at virtual address 000000aa00000094 Mem abort info: ESR =...
CVE-2026-46239
A flaw was found in the Linux kernel's media: i2c: ov5647 driver. This issue occurs because certain control cases AUTOGAIN, EXPOSUREAUTO, ANALOGUEGAIN do not properly release power management PM runtime reference counts. This oversight can lead to a resource leak, potentially resulting in a Denia...
CVE-2026-46239 media: i2c: ov5647: Fix runtime PM refcount leak in s_ctrl
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Fix runtime PM refcount leak in sctrl Three control cases AUTOGAIN, EXPOSUREAUTO, ANALOGUEGAIN directly return without calling pmruntimeput, causing runtime PM reference count leaks. Change these cases from...
CVE-2026-43312
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Initialize subdev before controls In ov5647initcontrols we call v4l2getsubdevdata, but it is initialized by v4l2i2csubdevinit in the probe, which currently happens after initcontrols. This can result in a...
CVE-2026-43312 media: i2c: ov5647: Initialize subdev before controls
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Initialize subdev before controls In ov5647initcontrols we call v4l2getsubdevdata, but it is initialized by v4l2i2csubdevinit in the probe, which currently happens after initcontrols. This can result in a...
EUVD-2022-55802
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5648: Free V4L2 fwnode data on unbind The V4L2 fwnode data structure doesn't get freed on unbind, which leads to a memleak...
CVE-2022-50759
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5648: Free V4L2 fwnode data on unbind The V4L2 fwnode data structure doesn't get freed on unbind, which leads to a memleak...
CVE-2022-50759 media: i2c: ov5648: Free V4L2 fwnode data on unbind
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5648: Free V4L2 fwnode data on unbind The V4L2 fwnode data structure doesn't get freed on unbind, which leads to a memleak...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990048)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990048 advisory. In the Linux kernel, the following vulnerability has been resolved: media: i2c: tc358743: Fix crash in the probe error path when using polling If an error occurs in...
Linux Distros Unpatched Vulnerability : CVE-2025-39995
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe The state-timer is a cyclic timer that schedules worki2cpoll and...
SUSE CVE-2025-39995
In the Linux kernel, the following vulnerability has been resolved: media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe The state-timer is a cyclic timer that schedules worki2cpoll and delayedworkenablehotplug, while rearming itself. Using timerdelete fails to guarantee...
CVE-2025-39995
In the Linux kernel, the following vulnerability has been resolved: media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe The state-timer is a cyclic timer that schedules worki2cpoll and delayedworkenablehotplug, while rearming itself. Using timerdelete fails to guarantee...
DEBIAN-CVE-2025-39995
In the Linux kernel, the following vulnerability has been resolved: media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe The state-timer is a cyclic timer that schedules worki2cpoll and delayedworkenablehotplug, while rearming itself. Using timerdelete fails to guarantee...
CVE-2025-39995
CVE-2025-39995: Linux kernel vulnerability in media: i2c: tc358743 where use-after-free occurs due to an orphan timer and in-flight delayed_work during probe failure. The cyclic timer schedules work_i2c_poll and delayed_work_enable_hotplug and may reference tc358743_state after it is freed. A fix...
CVE-2025-39995 media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe
In the Linux kernel, the following vulnerability has been resolved: media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe The state-timer is a cyclic timer that schedules worki2cpoll and delayedworkenablehotplug, while rearming itself. Using timerdelete fails to guarantee...
CVE-2023-53637 media: i2c: ov772x: Fix memleak in ov772x_probe()
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov772x: Fix memleak in ov772xprobe A memory leak was reported when testing ov772x with bpf mock device: AssertionError: unreferenced object 0xffff888109afa7a8 size 8: comm "python3", pid 279, jiffies 4294805921 age...
PT-2025-38199
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A kernel memory leak kmemleak exists in the ov2740 init controls function within the media/i2c/ov2740.c file. This leak occurs when testing with a bpf mock device, specifically due to...
Linux Distros Unpatched Vulnerability : CVE-2024-56576
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: i2c: tc358743: Fix crash in the probe error path when using polling If an error occurs in the probe function, we should remove the polling timer that was...
Linux Distros Unpatched Vulnerability : CVE-2024-49961
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: media: i2c: ar0521: Use cansleep version of gpiodsetvalue If we use GPIO reset from I2C port...
SUSE CVE-2024-58003
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ds90ub9x3: Fix extra fwnodehandleput The ub913 and ub953 drivers call fwnodehandleputpriv-sd.fwnode as part of their remove process, and if the driver is removed multiple times, eventually leads to put "overflow",...