Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fixed resource leaks in vdecmsgqueueinit. If any error occurs during the execution of vdecmsgqueueinit, we need to set msgqueue-wdmaaddr.size = 0;. Normally, this is done within the vdecmsgqueuedeinit...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: media: mtk-vcodec: There is a potential null pointer dereference issue in the SCP code. The return value of devmkzalloc needs to be checked to avoid NULL pointer dereferences. This is similar to the CVE-2022-3113 vulnerability...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Media: MediTech; vcodec: Fixed the H264 stateless decoder’s “smatch” warning. A “smatch static checker” warning was also fixed in vdech264reqif.c. This issue causes the kernel to crash when fb is NULL...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: media: mediatek: vcodec: fix decoder disable pm crash It is not possible to call pmruntimedisable when the architecture supports a sub-device for “dev-pm.dev” is NUll, or it may result in a crash log. 10.771551 pc :...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Media: MediTech; vcodec: Cannot set dstbuffer to done when a late decoding error occurs. The core thread will call v4l2m2mbufdone to set the dstbuffer as done for the late architecture. If v4l2m2mbufdoneandjobfinish is called lat...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: The spinlock is used as a lock for protecting the context list. Previously, a mutex was added to protect the encoder and decoder context lists from unexpected changes originating from the SCP IP block. Th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Added a lock to protect the encoder context list. A lock was added for the ctxlist to prevent accessing a NULL pointer within the 'vpuencipihandler' function when the ctxlist is deleted due to an unexpect...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Media: MediTech: vcodec – Added a lock to protect the decoder context list. Added a lock for the ctxlist to prevent accessing a NULL pointer within the ‘vpudecipihandler’ function when the ctxlist is deleted due to an unexpect...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Media: MediTech; vcodec: Handle invalid decoder vsi This issue addresses the handling of an invalid decoder vsi in vpudecinit, ensuring that the decoder vsi is valid for future use...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Media: MediTech: vcodec: Fixed an oops when HEVC initialization fails The stateless HEVC decoder saves the instance pointer in the context, regardless of whether the initialization succeeded or not. This caused a use-after-fre...

Linux Distros Unpatched Vulnerability : CVE-2026-31584

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: mediatek: vcodec: fix use-after-free in encoder release path The fopsvcodecrelease function frees the context structure ctx without first cancelling any...

CVE-2026-31584

A flaw was found in the MediaTek vcodec driver within the Linux kernel. This use-after-free vulnerability occurs when the driver frees a context structure before ensuring that all pending or running workqueue operations have completed. A local attacker could exploit this race condition, potential...

CVE-2026-31584

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix use-after-free in encoder release path The fopsvcodecrelease function frees the context structure ctx without first cancelling any pending or running work in ctx-encodework. This creates a race window...

CVE-2026-31584

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix use-after-free in encoder release path The fopsvcodecrelease function frees the context structure ctx without first cancelling any pending or running work in ctx-encodework. This creates a race window...

CVE-2026-31584

CVE-2026-31584 - Linux kernel (MediaTek vcodec) use-after-free in encoder release path : The fops_vcodec_release() frees the context (ctx) without cancelling or synchronizing pending/running encode work, allowing the mtk_venc_worker to dereference freed ctx. Root cause: v4l2_m2m_ctx_release() wai...

CVE-2026-31584

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix use-after-free in encoder release path The fopsvcodecrelease function frees the context structure ctx without first cancelling any pending or running work in ctx-encodework. This creates a race window...

CVE-2026-31584 media: mediatek: vcodec: fix use-after-free in encoder release path

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix use-after-free in encoder release path The fopsvcodecrelease function frees the context structure ctx without first cancelling any pending or running work in ctx-encodework. This creates a race window...

EUVD-2026-25477

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix use-after-free in encoder release path The fopsvcodecrelease function frees the context structure ctx without first cancelling any pending or running work in ctx-encodework. This creates a race window...

PT-2026-34936

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the MediaTek vcodec encoder release path. The fops vcodec release function frees the context structure ctx without cancelling pending or running work in...

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-49604,CVE-2025-40074: ip: Fix data-races around sysctlipfwdusepmtu bsc1238414 bsc1252794. CVE-2022-50527: drm/amdgpu: Fix size validation for non-exclusive domains...