CVE-2026-43246
media: i2c/tw9906: Fix potential memory leak in tw9906_probe()
Description
In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9906: Fix potential memory leak in tw9906_probe() In one of the error paths in tw9906_probe(), the memory allocated in v4l2_ctrl_handler_init() and v4l2_ctrl_new_std() is not freed. Fix that by calling v4l2_ctrl_handler_free() on the handler in that error path.
INFO
Published Date :
May 6, 2026, 12:16 p.m.
Last Modified :
May 6, 2026, 1:07 p.m.
Remotely Exploit :
No
Source :
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Solution
- Apply the kernel patch
- Call v4l2_ctrl_handler_free() in error paths
- Ensure memory is freed on error
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2026-43246.
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2026-43246 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2026-43246
weaknesses.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2026-43246 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2026-43246 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
May. 06, 2026
Action Type Old Value New Value Added Description In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9906: Fix potential memory leak in tw9906_probe() In one of the error paths in tw9906_probe(), the memory allocated in v4l2_ctrl_handler_init() and v4l2_ctrl_new_std() is not freed. Fix that by calling v4l2_ctrl_handler_free() on the handler in that error path. Added Reference https://git.kernel.org/stable/c/0c33338514d8246280533a77091e6b6ee548c606 Added Reference https://git.kernel.org/stable/c/377a7756914364d72550fc86ca0f404ef1d96141 Added Reference https://git.kernel.org/stable/c/59420d5d9c46b084e21f9ea6ce79fc79ae9e414c Added Reference https://git.kernel.org/stable/c/9548a8bbf511a252a9848f96220c6b95c9a3b918 Added Reference https://git.kernel.org/stable/c/cad237b6c875fbee5d353a2b289e98d240d17ec8 Added Reference https://git.kernel.org/stable/c/ccb92def042a3636ed47f25a30bd553788e5191e Added Reference https://git.kernel.org/stable/c/e9a490937942f18205dac7b6b192975ef1369ae1 Added Reference https://git.kernel.org/stable/c/fb09d8b80046216646f1a344410cfa9cfa6c6c7c