317 matches found
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fixed a memory leak in pvrprobe. The error handling code in pvr2hdwcreate forgets to unregister the v4l2 device. When pvr2hdwcreate returns back to pvr2contextcreate, it calls pvr2contextdestroy to destroy the...
Astra Linux – Vulnerability in Linux 5.10, Linux
In v4l2m2mquerybuf of v4l2-mem2mem.c, there is a possible out-of-bounds write due to improper input validation. This could lead to a local escalation of privileges, as the system requires execution privileges to exploit the vulnerability. User interaction is not required for exploitation. Product...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix compose-height boundary issue Syzkaller identified a bug: BUG: Unable to handle page faults for address: ffffc9000a3b1000 PF: Supervisor write access in kernel mode PF: Errorcode0x0002 – Not-present page PGD...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: i2c: hi846: A memory leak has been fixed in hi846parsedt. If any of the checks related to the supported link frequencies fail, then the V4L2 fwnode resources do not get released before returning, resulting in a memory leak...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: “Revert ‘media: v4l2-ctrls: show all owned controls in logstatus’”. This change is reflected in commit 9801b5b28c6929139d6fceeee8d739cc67bb2739. This patch introduced a potential deadlock scenario: Wed May 8 10:02:06 2024 Possibl...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: max9286: Fixed a memory leak in max9286v4l2register There is a memory leak when testing the media/i2c/max9286.c file using the bpf mock tool. kmemleak: 5 new suspected memory leaks see /sys/kernel/debug/kmemleak...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-dv-timings.c: fixed the overly strict sanity checks related to blanking periods. Sanity checks were added to verify the v4l2bttimings blanking fields, in order to avoid integer overflows when the user space passes...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: ipu3imggu: Fixed NULL pointer dereferencing in active selection access. The IMGu driver handled this by first acquiring the pointers to the active devices, then attempting to use V4L2 subdev functions. Only after that did ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: tc358743 – The v4l2 async device is registered only after a successful setup. Ensure that the device has been set up correctly before registering the v4l2 async device, thereby allowing userspace to access it...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: fix some memleaks in tpgalloc. In tpgalloc, resources should be deallocated in every possible error-handling path, as they are allocated using for statements. Otherwise, memleaks could occur, since tpgfree is onl...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: media:v4l2-core: A potential resource leak was fixed in v4l2fwnodeparselink. If the fwnodegraphgetremoteendpoint function fails, fwnode is known to be NULL. Therefore, fwnodehandlePUT is a no-op. Instead, the reference taken...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: explicitly clear ioctl input data. As seen from a recent syzbot bug report, mistakes in the compat ioctl implementation can lead to uninitialized kernel stack data being used as input for driver ioctl handlers...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: A bug related to use-after-free was fixed due to error path handling in mtkjpegdecdevicerun. In mtkjpegprobe, the variable &jpeg-jobtimeoutwork is bound to mtkjpegjobtimeoutwork. In mtkjpegdecdevicerun, if an err...
SUSE CVE-2026-43310
In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC For the i.MX8MQ platform, there is a hardware limitation: the g1 VPU and g2 VPU cannot decode simultaneously; otherwise, it will cause below bus error and produ...
SUSE CVE-2026-43189
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-async: Fix error handling on steps after finding a match Once an async connection is found to be matching with an fwnode, a sub-device may be registered in case it wasn't already, its bound operation is called,...
SUSE CVE-2026-43231
In the Linux kernel, the following vulnerability has been resolved: media: radio-keene: fix memory leak in error path Fix a memory leak in usbkeeneprobe. The v4l2 control handler is initialized and controls are added, but if v4l2deviceregister or videoregisterdevice fails afterward, the handler w...
EUVD-2026-28580
In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC For the i.MX8MQ platform, there is a hardware limitation: the g1 VPU and g2 VPU cannot decode simultaneously; otherwise, it will cause below bus error and produ...
CVE-2026-43310
In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC For the i.MX8MQ platform, there is a hardware limitation: the g1 VPU and g2 VPU cannot decode simultaneously; otherwise, it will cause below bus error and produ...
CVE-2026-43310 media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC
In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC For the i.MX8MQ platform, there is a hardware limitation: the g1 VPU and g2 VPU cannot decode simultaneously; otherwise, it will cause below bus error and produ...
PT-2026-38952
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description On the i.MX8MQ platform, a hardware limitation exists where the g1 VPU and g2 VPU cannot perform decoding simultaneously. Concurrent operation leads to a bus error, resulting in corrupte...