CVE-2026-43316

Source
https://cve.org/CVERecord?id=CVE-2026-43316
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43316.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-43316
Downstream
Published
2026-05-08T13:26:12.217Z
Modified
2026-06-18T03:56:14.500717453Z
Summary
media: solo6x10: Check for out of bounds chip_id
Details

In the Linux kernel, the following vulnerability has been resolved:

media: solo6x10: Check for out of bounds chip_id

Clang with CONFIGUBSANSHIFT=y noticed a condition where a signed type (literal "1" is an "int") could end up being shifted beyond 32 bits, so instrumentation was added (and due to the double is_tw286x() call seen via inlining), Clang decides the second one must now be undefined behavior and elides the rest of the function[1]. This is a known problem with Clang (that is still being worked on), but we can avoid the entire problem by actually checking the existing max chip ID, and now there is no runtime instrumentation added at all since everything is known to be within bounds.

Additionally use an unsigned value for the shift to remove the instrumentation even without the explicit bounds checking.

[hverkuil: fix checkpatch warning for is_tw286x]

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43316.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
faa4fd2a09517b39cc1f5d622453f97a59acfdac
Fixed
c327192ca26670cf6e588c1eeda66cd2fa97630e
Fixed
0b3dadada2417782a63ce32dae05bafe1c949e3f
Fixed
603e3859393ee2ce91393b7d05e6e56e4b66e5cd
Fixed
33af366211ee78e3b074ff44a16121e537e86826
Fixed
5849ae68d7b8b6ad55cc1bf0d227dd2ae6362528
Fixed
d29f33b2cf98e4901cd5457d1ee34062e808df73
Fixed
4d6db0c6bbbfd8d7bbdbf7ab6a9c003752abf116
Fixed
0fdf6323c35a134f206dcad5babb4ff488552076

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43316.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.6.36
Fixed
5.10.252
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.202
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.165
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.128
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.75
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.16
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.6

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43316.json"