CVE-2026-43312

Source
https://cve.org/CVERecord?id=CVE-2026-43312
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43312.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-43312
Downstream
Published
2026-05-08T13:11:29.719Z
Modified
2026-06-18T03:56:34.679592217Z
Summary
media: i2c: ov5647: Initialize subdev before controls
Details

In the Linux kernel, the following vulnerability has been resolved:

media: i2c: ov5647: Initialize subdev before controls

In ov5647initcontrols() we call v4l2getsubdevdata, but it is initialized by v4l2i2csubdevinit() in the probe, which currently happens after initcontrols(). This can result in a segfault if the error condition is hit, and we try to access i2c_client, so fix the order.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43312.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
4974c2f19fd810ec9a4e534bfc69e176256b7a03
Fixed
f2a1998bc0053ebfe137f65081ed13afd9f34502
Fixed
59e372aa4cf60e2500eba7f978acdcb18bb49032
Fixed
cabd025182cfed4a19b3aab57493e312d681e398
Fixed
2dedda97a64e7735844609c6c77c0dd953d73833
Fixed
8ecb21c20387cc0c8aa00489a21ccc69f6b0f5d1
Fixed
fb69e4842f5b463ff5f121d2ac7746014e3477ea
Fixed
eee13cbccacb6d0a3120c126b8544030905b069d

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43312.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.12.0
Fixed
5.15.202
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.165
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.128
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.75
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.16
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.6

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43312.json"