80 matches found
CVE-2026-46058
A flaw was found in the Linux kernel, specifically within the amphion video processing unit VPU driver. A race condition, a situation where multiple operations occur in an unpredictable order, exists in the Video for Linux 2 V4L2 media-to-memory m2m framework. This vulnerability allows a local...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Media: v4l: async: Fixed NULL pointer dereferencing in adding auxiliary links. In v4l2asynccreateancillarylinks, auxiliary links are created for lens and flash sub-devices. These are links between sub-devices. If the async notifi...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: media: v4l2-async: Fixed error handling after finding a match. Once an async connection is found to match an fwnode, a sub-device may be registered if it wasn’t already. Its binding operation is performed, auxiliary links are...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-m2m: added a lock to protect the numrdy parameter. An error occurs when using KCSAN to check the driver. A lock was added to protect the numrdy parameter when retrieving its value using the functions:...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: media: ov5675: Fixed a memory leak in ov5675initcontrols There is a memory leak when testing the media/i2c/ov5675.c file using bpf mock. Device: AssertionError: Unreferenced object 0xffff888107362160 size 16: comm "python3", pid...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix notifier list entry init The struct v4l2asyncnotifier contains several listhead members, but only waitinglist and donelist are initialized. The notifierentry was left “zeroed”, resulting in an uninitialized...
CVE-2026-43246
A flaw was found in the Linux kernel's tw9906 driver. An issue in an error path within the tw9906probe function can lead to a memory leak. Specifically, memory allocated during the initialization of the video for Linux 2 V4L2 control handler is not properly released, which could result in system...
EUVD-2026-27778
In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9903: Fix potential memory leak in tw9903probe In one of the error paths in tw9903probe, the memory allocated in v4l2ctrlhandlerinit and v4l2ctrlnewstd is not freed. Fix that by calling v4l2ctrlhandlerfree on the...
EUVD-2026-27751
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-async: Fix error handling on steps after finding a match Once an async connection is found to be matching with an fwnode, a sub-device may be registered in case it wasn't already, its bound operation is called,...
CVE-2026-43189
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-async: Fix error handling on steps after finding a match Once an async connection is found to be matching with an fwnode, a sub-device may be registered in case it wasn't already, its bound operation is called,...
CVE-2026-43189 media: v4l2-async: Fix error handling on steps after finding a match
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-async: Fix error handling on steps after finding a match Once an async connection is found to be matching with an fwnode, a sub-device may be registered in case it wasn't already, its bound operation is called,...
CVE-2026-43189
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-async: Fix error handling on steps after finding a match Once an async connection is found to be matching with an fwnode, a sub-device may be registered in case it wasn't already, its bound operation is called,...
PT-2026-37502
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the tegra channel try format function. The issue arises because two error paths return immediately after the v4l2 subdev call function fails, failing to call v4l2...
CVE-2026-31583
In the Linux kernel, the following vulnerability has been resolved: media: em28xx: fix use-after-free in em28xxv4l2open em28xxv4l2open reads dev-v4l2 without holding dev-lock, creating a race with em28xxv4l2init's error path and em28xxv4l2fini, both of which free the em28xxv4l2 struct and set...
CVE-2026-31583
In the Linux kernel, the following vulnerability has been resolved: media: em28xx: fix use-after-free in em28xxv4l2open em28xxv4l2open reads dev-v4l2 without holding dev-lock, creating a race with em28xxv4l2init's error path and em28xxv4l2fini, both of which free the em28xxv4l2 struct and set...
PT-2026-34928
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the hackrf driver. When the hackrf probe function registers a device and subsequently encounters an error, it may free device memory using kfree while file...
CVE-2026-31473 media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex
In the Linux kernel, the following vulnerability has been resolved: media: mc, v4l2: serialize REINIT and REQBUFS with reqqueuemutex MEDIAREQUESTIOCREINIT can run concurrently with VIDIOCREQBUFS0 queue teardown paths. This can race request object cleanup against vb2 queue cancellation and lead to...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003810)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003810 advisory. An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver...
CVE-2023-54208
In the Linux kernel, the following vulnerability has been resolved: media: ov5675: Fix memleak in ov5675initcontrols There is a kmemleak when testing the media/i2c/ov5675.c with bpf mock device: AssertionError: unreferenced object 0xffff888107362160 size 16: comm "python3", pid 277, jiffies...
CVE-2023-54208
In the Linux kernel, the following vulnerability has been resolved: media: ov5675: Fix memleak in ov5675initcontrols There is a kmemleak when testing the media/i2c/ov5675.c with bpf mock device: AssertionError: unreferenced object 0xffff888107362160 size 16: comm "python3", pid 277, jiffies...