30 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: forbid removing buffers when legacy fileio is active The vb2ioctlremovebufs call manipulates the internal buffer list of the queue. This may potentially overwrite pointers used by the legacy fileio interface...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: media: stk1160: Fix bounds checking in stk1160copyvideo The subtraction in this context is reversed. -length represents the length of the buffer. -bytesused indicates the number of bytes that have been copied so far. When the...
EUVD-2026-24825
In the Linux kernel, the following vulnerability has been resolved: media: mc, v4l2: serialize REINIT and REQBUFS with reqqueuemutex MEDIAREQUESTIOCREINIT can run concurrently with VIDIOCREQBUFS0 queue teardown paths. This can race request object cleanup against vb2 queue cancellation and lead to...
CVE-2026-33986 FreeRDP: H.264 YUV Buffer Dimension Desync - Heap OOB Write
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in yuvensurebuffer in libfreerdp/codec/h264.c, h264-width and h264-height are updated before the reallocation loop. If any winpralignedrecalloc call fails, the function returns FALSE but width/height are...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000600)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000600 advisory. drivers/media/v4l2-core/videobuf2-v4l2.c in the Linux kernel before 4.5.3 allows local users to cause a denial of service kernel memory write operation or possibly...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003025)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003025 advisory. drivers/media/v4l2-core/videobuf2-v4l2.c in the Linux kernel before 4.5.3 allows local users to cause a denial of service kernel memory write operation or possibly...
EUVD-2025-201643
In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: forbid removebufs when legacy fileio is active vb2ioctlremovebufs call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Forbid that ioctl when...
CVE-2025-40302 media: videobuf2: forbid remove_bufs when legacy fileio is active
In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: forbid removebufs when legacy fileio is active vb2ioctlremovebufs call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Forbid that ioctl when...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989517)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989517 advisory. In the Linux kernel, the following vulnerability has been resolved: media: stk1160: If start stream fails, return buffers with VB2BUFSTATEQUEUED If the callback...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989604)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989604 advisory. In the Linux kernel, the following vulnerability has been resolved: media: stk1160: If start stream fails, return buffers with VB2BUFSTATEQUEUED If the callback...
EUVD-2018-3327
Malware in sbrugna...
EUVD-2025-31908
Malicious code in bioql PyPI...
SUSE CVE-2023-53497
In the Linux kernel, the following vulnerability has been resolved: media: vsp1: Replace vb2isstreaming with vb2startstreamingcalled The vsp1 driver uses the vb2isstreaming function in its .bufqueue handler to check if the .startstreaming operation has been called, and decide whether to just add...
CVE-2023-53497
Mode C: The CVE-2023-53497 issue affects the Linux kernel’s vsp1 driver where vb2_is_streaming() is checked in .buf_queue(); a change (commit a10b21532574) to set the vb2_queue .streaming flag in vb2_core_streamon() before enqueuing buffers caused the driver to believe .start_streaming() had been...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper use of the vb2isstreaming function, which could lead to null pointer dereferencing...
PT-2025-40204
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.2.0-rc1-00023-g6c94e2e99343 Description The vsp1 driver in the Linux kernel incorrectly uses the vb2 is streaming function to determine if the .start streaming operation has been called. A change in the vb2 cor...
UBUNTU-CVE-2022-50359
In the Linux kernel, the following vulnerability has been resolved: media: cx88: Fix a null-ptr-deref bug in bufferprepare When the driver calls cx88riscbuffer to prepare the buffer, the function call may fail, resulting in a empty buffer and null-ptr-deref later in bufferqueue. The following log...
CVE-2025-39714
In the Linux kernel, the following vulnerability has been resolved: media: usbtv: Lock resolution while streaming When an program is streaming ffplay and another program qv4l2 changes the TV standard from NTSC to PAL, the kernel crashes due to trying to copy to unmapped memory. Changing from NTSC...
DEBIAN-CVE-2025-39714
In the Linux kernel, the following vulnerability has been resolved: media: usbtv: Lock resolution while streaming When an program is streaming ffplay and another program qv4l2 changes the TV standard from NTSC to PAL, the kernel crashes due to trying to copy to unmapped memory. Changing from NTSC...
DEBIAN-CVE-2025-38619
In the Linux kernel, the following vulnerability has been resolved: media: ti: j721e-csi2rx: fix listdel corruption If ticsi2rxstartdma fails in ticsi2rxdmacallback, the buffer is marked done with VB2BUFSTATEERROR but is not removed from the DMA queue. This causes the same buffer to be retried in...