Skip to main content

Linux Kernel EUVDEUVD-2026-27778

| CVE-2026-43218 MEDIUM
Memory Leak (CWE-401)
2026-05-06 Linux GHSA-h3jc-6rcx-xcc3
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
SUSE
MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

4
Analysis Generated
May 11, 2026 - 19:37 vuln.today
CVSS changed
May 11, 2026 - 19:37 NVD
5.5 (MEDIUM)
Patch available
May 06, 2026 - 13:32 EUVD
CVE Published
May 06, 2026 - 11:28 nvd
MEDIUM 5.5

DescriptionCVE.org

In the Linux kernel, the following vulnerability has been resolved:

media: i2c/tw9903: Fix potential memory leak in tw9903_probe()

In one of the error paths in tw9903_probe(), the memory allocated in v4l2_ctrl_handler_init() and v4l2_ctrl_new_std() is not freed. Fix that by calling v4l2_ctrl_handler_free() on the handler in that error path.

AnalysisAI

Memory leak in Linux kernel tw9903 media driver probe function allows local authenticated attackers to cause denial of service through repeated device initialization failures. The v4l2_ctrl_handler_init() and v4l2_ctrl_new_std() allocations are not freed in one error path of tw9903_probe(), enabling exhaustion of kernel memory. CVSS 5.5 (local, low complexity, requires low privileges). EPSS score of 0.02% indicates minimal exploitation probability.

Technical ContextAI

The tw9903 is a video capture sensor driver in the Linux kernel's media subsystem (drivers/media/i2c/tw9903.c). The vulnerability exists in the probe function which initializes V4L2 control handler structures for camera parameter management. When v4l2_ctrl_handler_init() succeeds but v4l2_ctrl_new_std() fails, the handler memory is not properly released via v4l2_ctrl_handler_free(), resulting in CWE-401 (Missing Release of Memory after Effective Lifetime). The root cause is missing cleanup code in the error path, a common pattern issue in driver initialization code.

RemediationAI

Apply vendor-released kernel patches: upgrade to Linux 5.10.252, 5.15.202, 6.1.165, 6.6.128, 6.12.75, 6.18.16, 6.19.6, or 7.0 depending on your kernel branch. Patches are available via git.kernel.org stable trees (referenced in kernel commit hashes e54aa17c, 32f04935, 92537a15, 9cb9eca3, a114918, cc7aeed3, add02a3f, and 9cea16fe). For systems unable to immediately upgrade, disable the tw9903 driver module if not actively used by setting blacklist tw9903 in /etc/modprobe.d/blacklist.conf to prevent probe execution and memory leak. This has no impact if the video capture device is not in use. The recommended mitigation is kernel upgrade, as the fix is minimal and carries no risk - it only adds proper resource cleanup.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed

Share

EUVD-2026-27778 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy