75 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Initialize subdev before controls In the function ov5647initcontrols, we call v4l2getsubdevdata, but this initialization is actually done by v4l2i2csubdevinit within the probe function. Currently, this happens...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: comedi: pcl818: fixed the null-ptr-deref in pcl818aicancel Syzbot identified an issue 1 in pcl818ai Cancel, which stems from the fact that in case of early device detachment via pcl818detach, subdevice dev-readsubdev may not have...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: ipu3imggu: Fixed a NULL pointer dereferencing issue in active selection access. The IMGu driver handled this by first acquiring the pointers to the active devices, then attempting V4L2 Subdev operations, and only then...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: - media: v4l2-subdev: Fixed an issue with the check for allocation failures in v4l2subdevcallstatetry. The v4l2subdevcallstatetry macro uses v4l2subdevstatealloc to allocate a subdev state, but does not check the returned valu...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Comedi: Fixed the initialization of data for instructions that write to sub-devices. It is known that some Comedi sub-device instruction handlers access data elements beyond the first insn-n elements in some cases. The doinsnioct...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mfd: macsmc: Initialize mutex The mutex of the struct applesmc is initialized in the applesmcprobe function. Surprisingly, using the uninitialized mutex only resulted in occasional NULL pointer dereferences in calls to applesmcre...
SUSE CVE-2026-43189
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-async: Fix error handling on steps after finding a match Once an async connection is found to be matching with an fwnode, a sub-device may be registered in case it wasn't already, its bound operation is called,...
CVE-2026-43312
A flaw was found in the Linux kernel's ov5647 driver. An issue in the initialization order of the subdevice, where v4l2getsubdevdata is called before the subdevice is properly initialized, can lead to a segmentation fault. This can result in a system crash, causing a Denial of Service DoS...
EUVD-2026-28582
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Initialize subdev before controls In ov5647initcontrols we call v4l2getsubdevdata, but it is initialized by v4l2i2csubdevinit in the probe, which currently happens after initcontrols. This can result in a...
UBUNTU-CVE-2026-43312
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Initialize subdev before controls In ov5647initcontrols we call v4l2getsubdevdata, but it is initialized by v4l2i2csubdevinit in the probe, which currently happens after initcontrols. This can result in a...
CVE-2026-43312 media: i2c: ov5647: Initialize subdev before controls
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Initialize subdev before controls In ov5647initcontrols we call v4l2getsubdevdata, but it is initialized by v4l2i2csubdevinit in the probe, which currently happens after initcontrols. This can result in a...
CVE-2026-43312
CVE-2026-43312 is a Linux kernel vulnerability in the ov5647 V4L2 I2C driver. The issue arises from calling v4l2_get_subdevdata in ov5647_init_controls() before the subdevice is initialized by v4l2_i2c_subdev_init() during probe, which can dereference i2c_client and cause a segfault if an error p...
CVE-2026-43312
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Initialize subdev before controls In ov5647initcontrols we call v4l2getsubdevdata, but it is initialized by v4l2i2csubdevinit in the probe, which currently happens after initcontrols. This can result in a...
EUVD-2026-27751
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-async: Fix error handling on steps after finding a match Once an async connection is found to be matching with an fwnode, a sub-device may be registered in case it wasn't already, its bound operation is called,...
EUVD-2026-27721
In the Linux kernel, the following vulnerability has been resolved: media: tegra-video: Fix memory leak in tegrachanneltryformat The state object allocated by v4l2subdevstatealloc must be freed with v4l2subdevstatefree when it is no longer needed. In tegrachanneltryformat, two error paths return...
CVE-2026-43189
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-async: Fix error handling on steps after finding a match Once an async connection is found to be matching with an fwnode, a sub-device may be registered in case it wasn't already, its bound operation is called,...
CVE-2026-43162
In the Linux kernel, the following vulnerability has been resolved: media: tegra-video: Fix memory leak in tegrachanneltryformat The state object allocated by v4l2subdevstatealloc must be freed with v4l2subdevstatefree when it is no longer needed. In tegrachanneltryformat, two error paths return...
PT-2026-37529
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the v4l2-async component of the media subsystem regarding error handling after a match is found with an fwnode. Specifically, if the v4l2 async match notify function...
PT-2026-37502
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the tegra channel try format function. The issue arises because two error paths return immediately after the v4l2 subdev call function fails, failing to call v4l2...
CVE-2025-71157 RDMA/core: always drop device refcount in ib_del_sub_device_and_put()
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: always drop device refcount in ibdelsubdeviceandput Since nldevdeldev introduced by commit 060c642b2ab8 "RDMA/nldev: Add support to add/delete a sub IB device through netlink" grabs a reference using ibdevicegetbyindex...