Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Remove dangling pointers When an async control is written, we copy a pointer to the file handle that initiated the operation. That pointer will be used when the device is completed—which could happen at any time ...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix OOB read If the index provided by the user is larger than the mask size, we might perform an out-of-bound read...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skipping the parsing of frames of type UVCVSUNDEFINED in uvcparseformat. This issue can lead to out-of-bounds write attacks, as frames of this type were not taken into consideration when calculating the size of t...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fixed a memory leak in uvcgpioparse Previously, the unit buffer was allocated before checking the IRQ for privacy-related GPIO functions. If an error occurred, the unit buffer could be leaked. This issue is now...

SUSE CVE-2026-43290

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Return queued buffers on startstreaming failure Return buffers if streaming fails to start due to uvcpmget error. This bug may be responsible for a warning I got running while :; do yavta -c3 /dev/video0; done on...

CVE-2026-43290

A flaw was found in the Linux kernel's uvcvideo module. This vulnerability occurs when the startstreaming function fails to return queued buffers due to an error in uvcpmget. A local attacker could potentially trigger this condition, leading to system instability or a denial of service DoS by...

EUVD-2026-28560

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Return queued buffers on startstreaming failure Return buffers if streaming fails to start due to uvcpmget error. This bug may be responsible for a warning I got running while :; do yavta -c3 /dev/video0; done on...

CVE-2026-43290

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Return queued buffers on startstreaming failure Return buffers if streaming fails to start due to uvcpmget error. This bug may be responsible for a warning I got running while :; do yavta -c3 /dev/video0; done on...

CVE-2026-43290

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Return queued buffers on startstreaming failure Return buffers if streaming fails to start due to uvcpmget error. This bug may be responsible for a warning I got running while :; do yavta -c3 /dev/video0; done on...

CVE-2026-43290

Summary (CVE-2026-43290) A flaw in the Linux kernel's media subsystem (uvcvideo) can occur when start_streaming() fails due to an error in uvc_pm_get(), causing queued buffers to not be returned. The issue can lead to system instability or a denial of service by triggering a USB host controller f...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of uvcvideo to return the buffer queue when startstreaming fails, potentially leading...

Linux Distros Unpatched Vulnerability : CVE-2026-43290

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: uvcvideo: Return queued buffers on startstreaming failure Return buffers if streaming fails to start due to uvcpmget error. This bug may be responsible f...

PT-2026-38932

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the uvcvideo component of the media subsystem. The issue occurs when start streaming fails due to a uvc pm get error, where queued buffers are not properly returned. Thi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fixed a deadlock during uvcprobe If uvcprobe fails, it may end up calling uvcstatusunregister before uvcstatusinit is called. This issue was fixed by checking whether dev-status is NULL during uvcstatusunregister...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fixed a crash that occurs during unbinding if the gpio unit is in use. We used the wrong device for the functions that manage devices. We used the USB device, when we should have used the interface device. If we...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fixed a 1-byte out-of-bounds read in uvcparseformat. The check for the buffer length before calling uvcparseformat only ensured that the buffer contained at least 3 bytes buflen 2. However, the function accesses...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain any pads, do not create a link...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fixed a double-free in the error path. If the uvcstatusinit function fails to allocate the inturb variable, it will free the dev-status pointer without resetting it to NULL. This causes the kfree call in...

Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance

Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2024-58002, CVE-2025-38089 Vulnerability Details CVEID:CVE-2024-58002 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Remove...

Oracle Linux 10 : kernel (ELSA-2026-6632)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6632 advisory. - net/mlx5: Fix ECVF vports unload on shutdown flow CKI Backport Bot RHEL-154540 CVE-2025-38109 - mm/damon/sysfs: cleanup attrs subdirs on context dir...