Skip to main content

Linux Kernel CVE-2026-43246

| EUVDEUVD-2026-27805 MEDIUM
Memory Leak (CWE-401)
2026-05-06 Linux GHSA-282c-48vc-5752
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
SUSE
MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

4
Analysis Generated
May 11, 2026 - 13:37 vuln.today
CVSS changed
May 11, 2026 - 13:37 NVD
5.5 (MEDIUM)
Patch available
May 06, 2026 - 13:32 EUVD
CVE Published
May 06, 2026 - 11:28 nvd
MEDIUM 5.5

DescriptionCVE.org

In the Linux kernel, the following vulnerability has been resolved:

media: i2c/tw9906: Fix potential memory leak in tw9906_probe()

In one of the error paths in tw9906_probe(), the memory allocated in v4l2_ctrl_handler_init() and v4l2_ctrl_new_std() is not freed. Fix that by calling v4l2_ctrl_handler_free() on the handler in that error path.

AnalysisAI

Memory leak in the tw9906 media driver's probe function allows local authenticated attackers to cause denial of service through memory exhaustion. The vulnerability occurs in tw9906_probe() when an error path fails to free memory allocated by v4l2_ctrl_handler_init() and v4l2_ctrl_new_std(), potentially leading to kernel memory depletion on repeated device probe attempts. Vendor-released patches are available across multiple stable kernel branches.

Technical ContextAI

The vulnerability exists in the Techwell tw9906 video decoder driver (drivers/media/i2c/tw9906.c), a video4linux2 (V4L2) media subsystem component. The tw9906_probe() function initializes a V4L2 control handler to manage video control parameters, but one error handling path fails to invoke v4l2_ctrl_handler_free() to release associated memory structures. This is a memory management issue in kernel driver initialization code, affecting the media capture subsystem used by video capture devices. The flaw is classified as CWE-401 (Missing Release of Memory after Effective Lifetime), a resource leak vulnerability where allocated kernel memory is not properly released when error conditions occur during driver probing.

RemediationAI

Apply vendor-released patches corresponding to your kernel version: Linux 5.10.252, 5.15.202, 6.1.165, 6.6.128, 6.12.75, 6.18.16, 6.19.6, or 7.0 and later. Patches are available via git.kernel.org/stable with specific commit references provided in the CVE references section. For systems unable to immediately patch, restrict module load/unload permissions and disable hot-plugging of video capture devices if not essential, though these are imperfect mitigations. The recommended approach is to update the kernel to a patched version; no behavioral workarounds exist since the fix requires code-level correction in the driver's error handling path. Verify patch application by confirming the presence of v4l2_ctrl_handler_free() calls in the tw9906_probe() error path after update.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed

Share

CVE-2026-43246 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy