Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fixed a memory leak in pvrprobe. The error handling code in pvr2hdwcreate forgets to unregister the v4l2 device. When pvr2hdwcreate returns back to pvr2contextcreate, it calls pvr2contextdestroy to destroy the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: ipu3imggu: Fixed a NULL pointer dereferencing issue in active selection access. The IMGu driver handled this by first acquiring the pointers to the active devices, then attempting V4L2 Subdev operations, and only then...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: media:v4l2-core: A potential resource leak has been fixed in v4l2fwnodeparselink. If the fwnodegraphgetremoteendpoint function fails, fwnode is known to be NULL. Therefore, fwnodehandlePUT is a no-op. Instead, the reference...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: tc358743 – The v4l2 async device is registered only after a successful setup. Ensure that the device has been set up correctly before registering the v4l2 async device, thereby allowing userspace to access it...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: max9286: Fixed a memory leak in max9286v4l2register There is a memory leak when testing the media/i2c/max9286.c file using the bpf mock tool. kmemleak: 5 new suspected memory leaks see /sys/kernel/debug/kmemleak...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: A bug related to use-after-free was fixed due to error path handling in mtkjpegdecdevicerun. In mtkjpegprobe, the variable &jpeg-jobtimeoutwork is bound to mtkjpegjobtimeoutwork. In mtkjpegdecdevicerun, if an err...

SUSE CVE-2026-43310

In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC For the i.MX8MQ platform, there is a hardware limitation: the g1 VPU and g2 VPU cannot decode simultaneously; otherwise, it will cause below bus error and produ...

SUSE CVE-2026-43189

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-async: Fix error handling on steps after finding a match Once an async connection is found to be matching with an fwnode, a sub-device may be registered in case it wasn't already, its bound operation is called,...

SUSE CVE-2026-43231

In the Linux kernel, the following vulnerability has been resolved: media: radio-keene: fix memory leak in error path Fix a memory leak in usbkeeneprobe. The v4l2 control handler is initialized and controls are added, but if v4l2deviceregister or videoregisterdevice fails afterward, the handler w...

EUVD-2026-28580

In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC For the i.MX8MQ platform, there is a hardware limitation: the g1 VPU and g2 VPU cannot decode simultaneously; otherwise, it will cause below bus error and produ...

CVE-2026-43310

In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC For the i.MX8MQ platform, there is a hardware limitation: the g1 VPU and g2 VPU cannot decode simultaneously; otherwise, it will cause below bus error and produ...

PT-2026-38952

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description On the i.MX8MQ platform, a hardware limitation exists where the g1 VPU and g2 VPU cannot perform decoding simultaneously. Concurrent operation leads to a bus error, resulting in corrupte...

EUVD-2026-27805

In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9906: Fix potential memory leak in tw9906probe In one of the error paths in tw9906probe, the memory allocated in v4l2ctrlhandlerinit and v4l2ctrlnewstd is not freed. Fix that by calling v4l2ctrlhandlerfree on the...

CVE-2026-43218

In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9903: Fix potential memory leak in tw9903probe In one of the error paths in tw9903probe, the memory allocated in v4l2ctrlhandlerinit and v4l2ctrlnewstd is not freed. Fix that by calling v4l2ctrlhandlerfree on the...

CVE-2026-43246 media: i2c/tw9906: Fix potential memory leak in tw9906_probe()

In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9906: Fix potential memory leak in tw9906probe In one of the error paths in tw9906probe, the memory allocated in v4l2ctrlhandlerinit and v4l2ctrlnewstd is not freed. Fix that by calling v4l2ctrlhandlerfree on the...

CVE-2026-43235

In the Linux kernel, the following vulnerability has been resolved: media: iris: Add missing platform data entries for SM8750 Two platform-data fields for SM8750 were missed: - getvpubuffersize = irisvpu33bufsize Without this, the driver fails to allocate the required internal buffers, leading to...

CVE-2026-43235

Summary: CVE-2026-43235 affects the Linux kernel iris media driver for SM8750. The vulnerability arises from two missing platform-data entries in the iris driver, which prevents proper internal buffer allocation and incomplete capability checks. What’s affected: Linux kernel/iris media driver (SM...

CVE-2026-43218

In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9903: Fix potential memory leak in tw9903probe In one of the error paths in tw9903probe, the memory allocated in v4l2ctrlhandlerinit and v4l2ctrlnewstd is not freed. Fix that by calling v4l2ctrlhandlerfree on the...

CVE-2026-43189

The CVE-2026-43189 issue affects the Linux kernel’s media/v4l2-async matching workflow. When an async connection matches with a firmware node, a sub-device may be registered, its bound operation invoked, ancillary links created, and the connection added to the sub-device’s list before moving on t...

CVE-2026-43189 media: v4l2-async: Fix error handling on steps after finding a match

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-async: Fix error handling on steps after finding a match Once an async connection is found to be matching with an fwnode, a sub-device may be registered in case it wasn't already, its bound operation is called,...