EUVD-2026-28560

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Return queued buffers on startstreaming failure Return buffers if streaming fails to start due to uvcpmget error. This bug may be responsible for a warning I got running while :; do yavta -c3 /dev/video0; done on...

CVE-2026-43290

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Return queued buffers on startstreaming failure Return buffers if streaming fails to start due to uvcpmget error. This bug may be responsible for a warning I got running while :; do yavta -c3 /dev/video0; done on...

UBUNTU-CVE-2026-43290

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Return queued buffers on startstreaming failure Return buffers if streaming fails to start due to uvcpmget error. This bug may be responsible for a warning I got running while :; do yavta -c3 /dev/video0; done on...

CVE-2026-43290

Summary (CVE-2026-43290) A flaw in the Linux kernel's media subsystem (uvcvideo) can occur when start_streaming() fails due to an error in uvc_pm_get(), causing queued buffers to not be returned. The issue can lead to system instability or a denial of service by triggering a USB host controller f...

SUSE CVE-2026-31726

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: fix NULL pointer dereference during unbind race Commit b81ac4395bbe "usb: gadget: uvc: allow for application to cleanly shutdown" introduced two stages of synchronization waits totaling 1500ms in uvcfunctionunbi...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: USB: Gadget: UVC: Prevent buffer overflow in setup handler The uvcfunctionsetup function allows control transfers with a payload of up to 64 bytes UVCMAXREQUESTSIZE. The data stage handler for OUT transfers uses memcpy to copy th...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Use the correct buffer size when parsing configfs lists This commit fixes the support for the uvc gadget on 32-bit platforms. The commit 0df28607c5cb “usb: gadget: uvc: Generalize helper functions for reuse”...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: fix list double add in uvcgvideopump A panic may occur if the endpoint becomes disabled, and uvcgvideopump adds the request back to the reqfree list after it has already been queued to the endpoint. The...

CVE-2026-31726

A flaw was found in the Linux kernel's USB Video Class UVC gadget driver. A race condition during power management PM transitions can cause a null pointer dereference. This occurs when the system attempts to access a deallocated gadget pointer, leading to a kernel panic. This vulnerability can be...

CVE-2026-31726

Technical details for CVE-2026-31726 are not publicly available in the provided Connected documents. The Initial Description outlines a Linux kernel UVC unbind race fix, but no vendor/product/version specifics are given here. Monitor for updates from OSV/Mageia/Debian advisories.

PT-2026-36361

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition in the USB gadget UVC USB Video Class component can lead to a NULL pointer dereference. During power management transitions, the wait event interruptible timeout functio...

CLSA-2026-1771239384 kernel: Fix of 75 CVEs

net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit CVE-2025-39766 - NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL CVE-2023-53680 - scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow CVE-2023-53676 - KVM: x86: use arrayindexnospec with indices that come from...

CVE-2026-1991

A vulnerability was detected in libuvc up to 0.0.7. Affected is the function uvcscanstreaming of the file src/device.c of the component UVC Descriptor Handler. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now public and may be use...

UBUNTU-CVE-2026-1991

A vulnerability was detected in libuvc up to 0.0.7. Affected is the function uvcscanstreaming of the file src/device.c of the component UVC Descriptor Handler. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now public and may be use...

CVE-2026-1991

A vulnerability was detected in libuvc up to 0.0.7. Affected is the function uvcscanstreaming of the file src/device.c of the component UVC Descriptor Handler. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now public and may be use...

CVE-2026-1991 libuvc UVC Descriptor device.c uvc_scan_streaming null pointer dereference

A vulnerability was detected in libuvc up to 0.0.7. Affected is the function uvcscanstreaming of the file src/device.c of the component UVC Descriptor Handler. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now public and may be use...

EUVD-2026-5585

A vulnerability was detected in libuvc up to 0.0.7. Affected is the function uvcscanstreaming of the file src/device.c of the component UVC Descriptor Handler. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now public and may be use...

CVE-2026-1991

CVE-2026-1991 affects libuvc up to 0.0.7. The vulnerability is a null pointer dereference in uvc_scan_streaming (src/device.c) of the UVC Descriptor Handler. Local access is required, and public exploit activity is noted. Multiple sources (NVD, Ubuntu, Red Hat, OSV, Debian tracker, CVE listing) d...

CVE-2026-1991 libuvc UVC Descriptor device.c uvc_scan_streaming null pointer dereference

A vulnerability was detected in libuvc up to 0.0.7. Affected is the function uvcscanstreaming of the file src/device.c of the component UVC Descriptor Handler. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now public and may be use...

Linux Distros Unpatched Vulnerability : CVE-2026-1991

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was detected in libuvc up to 0.0.7. Affected is the function uvcscanstreaming of the file src/device.c of the component UVC Descriptor Handler...