305 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: ipu3imggu: Fixed NULL pointer dereferencing in active selection access. The IMGu driver handled this by first acquiring the pointers to the active devices, then attempting to use V4L2 subdev functions. Only after that did ...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: - media: v4l2-core: A potential resource leak was fixed in v4l2fwnodeparselink. - If the fwnodegraphgetremoteendpoint function fails, and ‘fwnode’ is set to NULL, then fwnodehandlePUT is a no-op. Instead, release the reference...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: media: vivid: Changed the size of the composition Syzkaller discovered a bug: BUG: KASAN: Out-of-bounds access to memory during tpgfillplanepattern in drivers/media/common/v4l2-tpg/v4l2-tpg-core.c:2608 inline BUG: KASAN:...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fixed a memory leak in pvrprobe. The error handling code in pvr2hdwcreate forgets to unregister the v4l2 device. When pvr2hdwcreate returns back to pvr2contextcreate, it calls pvr2contextdestroy to destroy the...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix compose-height boundary issue Syzkaller identified a bug: BUG: Unable to handle page faults for address: ffffc9000a3b1000 PF: Supervisor write access in kernel mode PF: Errorcode0x0002 – Not-present page PGD...
SUSE CVE-2026-43310
In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC For the i.MX8MQ platform, there is a hardware limitation: the g1 VPU and g2 VPU cannot decode simultaneously; otherwise, it will cause below bus error and produ...
SUSE CVE-2026-43189
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-async: Fix error handling on steps after finding a match Once an async connection is found to be matching with an fwnode, a sub-device may be registered in case it wasn't already, its bound operation is called,...
SUSE CVE-2026-43231
In the Linux kernel, the following vulnerability has been resolved: media: radio-keene: fix memory leak in error path Fix a memory leak in usbkeeneprobe. The v4l2 control handler is initialized and controls are added, but if v4l2deviceregister or videoregisterdevice fails afterward, the handler w...
EUVD-2026-28580
In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC For the i.MX8MQ platform, there is a hardware limitation: the g1 VPU and g2 VPU cannot decode simultaneously; otherwise, it will cause below bus error and produ...
CVE-2026-43310
In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC For the i.MX8MQ platform, there is a hardware limitation: the g1 VPU and g2 VPU cannot decode simultaneously; otherwise, it will cause below bus error and produ...
PT-2026-38952
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description On the i.MX8MQ platform, a hardware limitation exists where the g1 VPU and g2 VPU cannot perform decoding simultaneously. Concurrent operation leads to a bus error, resulting in corrupte...
EUVD-2026-27805
In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9906: Fix potential memory leak in tw9906probe In one of the error paths in tw9906probe, the memory allocated in v4l2ctrlhandlerinit and v4l2ctrlnewstd is not freed. Fix that by calling v4l2ctrlhandlerfree on the...
CVE-2026-43218
In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9903: Fix potential memory leak in tw9903probe In one of the error paths in tw9903probe, the memory allocated in v4l2ctrlhandlerinit and v4l2ctrlnewstd is not freed. Fix that by calling v4l2ctrlhandlerfree on the...
CVE-2026-43246 media: i2c/tw9906: Fix potential memory leak in tw9906_probe()
In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9906: Fix potential memory leak in tw9906probe In one of the error paths in tw9906probe, the memory allocated in v4l2ctrlhandlerinit and v4l2ctrlnewstd is not freed. Fix that by calling v4l2ctrlhandlerfree on the...
CVE-2026-43235
Summary: CVE-2026-43235 affects the Linux kernel iris media driver for SM8750. The vulnerability arises from two missing platform-data entries in the iris driver, which prevents proper internal buffer allocation and incomplete capability checks. What’s affected: Linux kernel/iris media driver (SM...
CVE-2026-43235
In the Linux kernel, the following vulnerability has been resolved: media: iris: Add missing platform data entries for SM8750 Two platform-data fields for SM8750 were missed: - getvpubuffersize = irisvpu33bufsize Without this, the driver fails to allocate the required internal buffers, leading to...
CVE-2026-43218
In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9903: Fix potential memory leak in tw9903probe In one of the error paths in tw9903probe, the memory allocated in v4l2ctrlhandlerinit and v4l2ctrlnewstd is not freed. Fix that by calling v4l2ctrlhandlerfree on the...
CVE-2026-43189
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-async: Fix error handling on steps after finding a match Once an async connection is found to be matching with an fwnode, a sub-device may be registered in case it wasn't already, its bound operation is called,...
CVE-2026-43189 media: v4l2-async: Fix error handling on steps after finding a match
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-async: Fix error handling on steps after finding a match Once an async connection is found to be matching with an fwnode, a sub-device may be registered in case it wasn't already, its bound operation is called,...
CVE-2026-43189
The CVE-2026-43189 issue affects the Linux kernel’s media/v4l2-async matching workflow. When an async connection matches with a firmware node, a sub-device may be registered, its bound operation invoked, ancillary links created, and the connection added to the sub-device’s list before moving on t...