CVE-2026-43218
media: i2c/tw9903: Fix potential memory leak in tw9903_probe()
Description
In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9903: Fix potential memory leak in tw9903_probe() In one of the error paths in tw9903_probe(), the memory allocated in v4l2_ctrl_handler_init() and v4l2_ctrl_new_std() is not freed. Fix that by calling v4l2_ctrl_handler_free() on the handler in that error path.
INFO
Published Date :
May 6, 2026, 12:16 p.m.
Last Modified :
May 6, 2026, 1:07 p.m.
Remotely Exploit :
No
Source :
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Solution
- Apply the patch to the Linux kernel.
- Ensure v4l2_ctrl_handler_free is called.
- Test the tw9903 driver for memory leaks.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2026-43218.
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2026-43218 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2026-43218
weaknesses.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2026-43218 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2026-43218 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
May. 06, 2026
Action Type Old Value New Value Added Description In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9903: Fix potential memory leak in tw9903_probe() In one of the error paths in tw9903_probe(), the memory allocated in v4l2_ctrl_handler_init() and v4l2_ctrl_new_std() is not freed. Fix that by calling v4l2_ctrl_handler_free() on the handler in that error path. Added Reference https://git.kernel.org/stable/c/32f0493506313775d3bd448de34762b6538da6bd Added Reference https://git.kernel.org/stable/c/92537a15780b6d0281fd8286f93fbc3652e35f48 Added Reference https://git.kernel.org/stable/c/9cb9eca33d20316ed3c7a938793b8735ac3e128b Added Reference https://git.kernel.org/stable/c/9cea16fea47e5553f51d10957677ff735b1eff03 Added Reference https://git.kernel.org/stable/c/a114918270f0d95c607d69b03a244e6afe54813f Added Reference https://git.kernel.org/stable/c/add02a3fb1fd71b004f0ed824cbac00f850de558 Added Reference https://git.kernel.org/stable/c/cc7aeed33e4f55c76f35f0fca73e4dfe12a63a3a Added Reference https://git.kernel.org/stable/c/e54aa17c968c4de2c5f7b7ea390c63d33c07513b