Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Remove dangling pointers When an async control is written, we copy a pointer to the file handle that initiated the operation. That pointer will be used when the device is completed—which could happen at any time ...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skipping the parsing of frames of type UVCVSUNDEFINED in uvcparseformat. This issue can lead to out-of-bounds write attacks, as frames of this type were not taken into consideration when calculating the size of t...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fixed a memory leak in uvcgpioparse Previously, the unit buffer was allocated before checking the IRQ for privacy-related GPIO signals. If an error occurred, the unit buffer could be leaked. The issue is now...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Return queued buffers on startstreaming failure Buffers are returned if streaming fails to start due to a uvcpmget error. This bug may be responsible for the warning that I encountered during testing. The issue...

SUSE CVE-2026-43290

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Return queued buffers on startstreaming failure Return buffers if streaming fails to start due to uvcpmget error. This bug may be responsible for a warning I got running while :; do yavta -c3 /dev/video0; done on...

CVE-2026-43290

A flaw was found in the Linux kernel's uvcvideo module. This vulnerability occurs when the startstreaming function fails to return queued buffers due to an error in uvcpmget. A local attacker could potentially trigger this condition, leading to system instability or a denial of service DoS by...

EUVD-2026-28560

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Return queued buffers on startstreaming failure Return buffers if streaming fails to start due to uvcpmget error. This bug may be responsible for a warning I got running while :; do yavta -c3 /dev/video0; done on...

CVE-2026-43290

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Return queued buffers on startstreaming failure Return buffers if streaming fails to start due to uvcpmget error. This bug may be responsible for a warning I got running while :; do yavta -c3 /dev/video0; done on...

CVE-2026-43290

Summary (CVE-2026-43290) A flaw in the Linux kernel's media subsystem (uvcvideo) can occur when start_streaming() fails due to an error in uvc_pm_get(), causing queued buffers to not be returned. The issue can lead to system instability or a denial of service by triggering a USB host controller f...

CVE-2026-43290

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Return queued buffers on startstreaming failure Return buffers if streaming fails to start due to uvcpmget error. This bug may be responsible for a warning I got running while :; do yavta -c3 /dev/video0; done on...

PT-2026-38932

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the uvcvideo component of the media subsystem. The issue occurs when start streaming fails due to a uvc pm get error, where queued buffers are not properly returned. Thi...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of uvcvideo to return the buffer queue when startstreaming fails, potentially leading...

Linux Distros Unpatched Vulnerability : CVE-2026-43290

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: uvcvideo: Return queued buffers on startstreaming failure Return buffers if streaming fails to start due to uvcpmget error. This bug may be responsible f...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fixed a deadlock during uvcprobe If uvcprobe fails, it may end up calling uvcstatusunregister before uvcstatusinit is called. This issue was fixed by checking whether dev-status is NULL during uvcstatusunregister...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handling cameras with invalid descriptors If the source entity does not contain any pads, do not create a link...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix OOB read If the index provided by the user is larger than the mask size, we might perform an out-of-bound read...

Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance

Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2024-58002, CVE-2025-38089 Vulnerability Details CVEID:CVE-2024-58002 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Remove...

Oracle Linux 10 : kernel (ELSA-2026-6632)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6632 advisory. - net/mlx5: Fix ECVF vports unload on shutdown flow CKI Backport Bot RHEL-154540 CVE-2025-38109 - mm/damon/sysfs: cleanup attrs subdirs on context dir...

ROS-20260403-73-0022

A vulnerability in the uvcvideo component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability allows an attacker to cause a denial of service...

CLSA-2026-1771241609 kernel: Fix of 13 CVEs

vsock: Do not allow binding to VMADDRPORTANY CVE-2025-38618 - cnic: Fix use-after-free bugs in cnicdeletetask CVE-2025-39945 - scsi: bfa: Double-free fix CVE-2025-38699 - pptp: ensure minimal skb length in pptpxmit CVE-2025-38574 - ipv6: reject malicious packets in ipv6gsosegment CVE-2025-38572 -...