CVE-2026-43246
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
06/05/2026
Last modified:
11/05/2026
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
media: i2c/tw9906: Fix potential memory leak in tw9906_probe()<br />
<br />
In one of the error paths in tw9906_probe(), the memory allocated in<br />
v4l2_ctrl_handler_init() and v4l2_ctrl_new_std() is not freed. Fix that<br />
by calling v4l2_ctrl_handler_free() on the handler in that error path.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 3.10 (including) | 5.10.252 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.202 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.165 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.128 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.12.75 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.13 (including) | 6.18.16 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.19 (including) | 6.19.6 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/0c33338514d8246280533a77091e6b6ee548c606
- https://git.kernel.org/stable/c/377a7756914364d72550fc86ca0f404ef1d96141
- https://git.kernel.org/stable/c/59420d5d9c46b084e21f9ea6ce79fc79ae9e414c
- https://git.kernel.org/stable/c/9548a8bbf511a252a9848f96220c6b95c9a3b918
- https://git.kernel.org/stable/c/cad237b6c875fbee5d353a2b289e98d240d17ec8
- https://git.kernel.org/stable/c/ccb92def042a3636ed47f25a30bd553788e5191e
- https://git.kernel.org/stable/c/e9a490937942f18205dac7b6b192975ef1369ae1
- https://git.kernel.org/stable/c/fb09d8b80046216646f1a344410cfa9cfa6c6c7c