40 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handling cameras with invalid descriptors If the source entity does not contain any pads, do not create a link...
CVE-2026-43290
Summary (CVE-2026-43290) A flaw in the Linux kernel's media subsystem (uvcvideo) can occur when start_streaming() fails due to an error in uvc_pm_get(), causing queued buffers to not be returned. The issue can lead to system instability or a denial of service by triggering a USB host controller f...
CVE-2026-43290
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Return queued buffers on startstreaming failure Return buffers if streaming fails to start due to uvcpmget error. This bug may be responsible for a warning I got running while :; do yavta -c3 /dev/video0; done on...
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2024-58002, CVE-2025-38089 Vulnerability Details CVEID:CVE-2024-58002 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Remove...
Oracle Linux 10 : kernel (ELSA-2026-6632)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6632 advisory. - net/mlx5: Fix ECVF vports unload on shutdown flow CKI Backport Bot RHEL-154540 CVE-2025-38109 - mm/damon/sysfs: cleanup attrs subdirs on context dir...
CLSA-2026-1771077729 kernel: Fix of 107 CVEs
net/ieee802154: don't warn zero-sized rawsendmsg CVE-2022-50706 - bpf: Don't redirect packets with invalid pktlen CVE-2022-49975 - media: uvcvideo: Fix 1-byte out-of-bounds read in uvcparseformat CVE-2025-38680 - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network...
CVE-2022-50882
CVE-2022-50882 affects the Linux kernel's media: uvcvideo component. The root cause was a memory/resource leak where the unit buffer was allocated before validating the privacy GPIO IRQ. The fix postpones allocating the unit buffer until after the IRQ check, preventing leaks. Impact is described ...
CVE-2022-50882 media: uvcvideo: Fix memory leak in uvc_gpio_parse
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix memory leak in uvcgpioparse Previously the unit buffer was allocated before checking the IRQ for privacy GPIO. In case of error, the unit buffer was leaked. Allocate the unit buffer after the IRQ to avoid it...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992394)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992394 advisory. In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain an...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992191)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992191 advisory. In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain an...
RLSA-2025:11411 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: media: uvcvideo: Remove dangling pointers CVE-2024-58002 kernel: sunrpc: handle SVCGARBAGE during svc auth processing as auth error CVE-2025-38089 For more details about the security...
RLSA-2025:11861 Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: media: uvcvideo: Fix double free in error path CVE-2024-57980 kernel: wifi: iwlwifi: limit printed string from FW file CVE-2025-21905 kernel: RDMA/mlx5: Fix pagesize variable overflow...
RLSA-2025:11428 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: media: uvcvideo: Remove dangling pointers CVE-2024-58002 kernel: media: uvcvideo: Fix double free in error path CVE-2024-57980 kernel: wifi: iwlwifi: limit printed string from FW file...
UBUNTU-CVE-2023-53437
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain any pads, do not create a link...
CVE-2023-53437 media: uvcvideo: Handle cameras with invalid descriptors
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain any pads, do not create a link...
CVE-2023-53437
CVE-2023-53437 affects the Linux kernel media: uvcvideo driver. The vulnerability arises when handling cameras with invalid descriptors, potentially enabling local attacker access due to improper link handling when a source entity has no pads. Public docs (OpenVAS/Nessus summaries) list updates t...
Oracle Linux 7 : kernel (ELSA-2025-14748)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-14748 advisory. - kernel: media: uvcvideo: Fix double free in error path CVE-2024-57980 - kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove...
kernel security update
3.10.0-1160.119.1.0.11.el7.OL7 - kernel: media: uvcvideo: Fix double free in error path CVE-2024-57980 - kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove CVE-2025-21928 - kernel: ext4: fix off-by-one error in dosplit CVE-2025-23150 - kernel: misc/vmwvmci: fix an infoleak in...
RHEL 9 : kernel (RHSA-2025:13781)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:13781 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: media: uvcvideo: Remove...
RHEL 9 : kernel-rt (RHSA-2025:13633)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:13633 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...