Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: media: iris: Added missing platform data entries for SM8750. Two platform-data fields for SM8750 were omitted: - getvpubuffersize = irisvpu33bufsize Without this field, the driver fails to allocate the required internal buffer...

CVE-2026-43246

In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9906: Fix potential memory leak in tw9906probe In one of the error paths in tw9906probe, the memory allocated in v4l2ctrlhandlerinit and v4l2ctrlnewstd is not freed. Fix that by calling v4l2ctrlhandlerfree on the...

CVE-2026-43231

In the Linux kernel, the following vulnerability has been resolved: media: radio-keene: fix memory leak in error path Fix a memory leak in usbkeeneprobe. The v4l2 control handler is initialized and controls are added, but if v4l2deviceregister or videoregisterdevice fails afterward, the handler w...

CVE-2026-43231 media: radio-keene: fix memory leak in error path

In the Linux kernel, the following vulnerability has been resolved: media: radio-keene: fix memory leak in error path Fix a memory leak in usbkeeneprobe. The v4l2 control handler is initialized and controls are added, but if v4l2deviceregister or videoregisterdevice fails afterward, the handler w...

CVE-2026-43218 media: i2c/tw9903: Fix potential memory leak in tw9903_probe()

In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9903: Fix potential memory leak in tw9903probe In one of the error paths in tw9903probe, the memory allocated in v4l2ctrlhandlerinit and v4l2ctrlnewstd is not freed. Fix that by calling v4l2ctrlhandlerfree on the...

PT-2026-37529

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-async: Fix error handling on steps after finding a match Once an async connection is found to be matching with an fwnode, a sub-device may be registered in case it wasn't already, its bound operation is called,...

media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex

...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013700)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013700 advisory. In the Linux kernel, the following vulnerability has been resolved: media: ov5675: Fix memleak in ov5675initcontrols There is a kmemleak when testing the...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006888)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006888 advisory. In the Linux kernel, the following vulnerability has been resolved: media: tc358743: register v4l2 async device only after successful setup Ensure the device has bee...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013269)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013269 advisory. In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: Fix a potential resource leak in v4l2fwnodeparselink If...

CVE-2023-54103

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2022-50548 media: i2c: hi846: Fix memory leak in hi846_parse_dt()

In the Linux kernel, the following vulnerability has been resolved: media: i2c: hi846: Fix memory leak in hi846parsedt If any of the checks related to the supported link frequencies fail, then the V4L2 fwnode resources don't get released before returning, which leads to a memleak. Fix this by...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986735)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986735 advisory. In the Linux kernel, the following vulnerability has been resolved: media: v4l2-dv-timings.c: fix too strict blanking sanity checks Sanity checks were added to verif...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414328)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414328 advisory. A memory leak flaw and potential divide by zero and Integer overflow was found in the Linux kernel V4L2 and vivid test code functionality. This issue occurs when a...

PT-2025-38331

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where the core thread may call v4l2 m2m buf done to set the destination buffer to done for late architecture. If the late architecture calls v4l2 m2m b...

SUSE CVE-2025-39712

In the Linux kernel, the following vulnerability has been resolved: media: mt9m114: Fix deadlock in getframeinterval/setframeinterval Getting / Setting the frame interval using the V4L2 subdev pad ops getframeinterval/setframeinterval causes a deadlock, as the subdev state is locked in the 1 but...

PT-2025-36306

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock issue exists in the Linux kernel related to the mt9m114 driver when getting or setting the frame interval using the V4L2 subdev pad operations get frame interval and set frame...

DEBIAN-CVE-2022-49887

In the Linux kernel, the following vulnerability has been resolved: media: meson: vdec: fix possible refcount leak in vdecprobe v4l2deviceunregister need to be called to put the refcount got by v4l2deviceregister when vdecprobe fails or vdecremove is called...

media: tc358743: register v4l2 async device only after successful setup

...

DEBIAN-CVE-2024-35830

In the Linux kernel, the following vulnerability has been resolved: media: tc358743: register v4l2 async device only after successful setup Ensure the device has been setup correctly before registering the v4l2 async device, thus allowing userspace to access...