CVE-2026-43222

Source
https://cve.org/CVERecord?id=CVE-2026-43222
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43222.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-43222
Downstream
Published
2026-05-06T11:28:22.291Z
Modified
2026-06-18T03:55:37.151552836Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
media: verisilicon: AV1: Fix tile info buffer size
Details

In the Linux kernel, the following vulnerability has been resolved:

media: verisilicon: AV1: Fix tile info buffer size

Each tile info is composed of: rowsb, colsb, startpos and endpos (4 bytes each). So the total required memory is AV1MAXTILES * 16 bytes. Use the correct #define to allocate the buffer and avoid writing tile info in non-allocated memory.

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43222.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
727a400686a2c0d25015c9e44916a59b72882f83
Fixed
a5b1ddbe31f49b4da78642157589970e9b60a231
Fixed
34f36f9c6114af781a5a4f7a7c99334c85b73fc7
Fixed
f122f2b3ce9dbde60bf7ab0b180fe4a01f9d9bc4
Fixed
74abfadd7ef5ac9f3a6111d550cc651d1457c641
Fixed
a505ca2db89ad92a8d8d27fa68ebafb12e04a679

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43222.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.5.0
Fixed
6.6.128
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.75
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.16
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.6

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43222.json"