CVE-2026-43222

HIGH EPSS 3.6%
Published May 6, 20261mo ago · Modified Jun 17, 20262w ago
7.8 CVSS 3.1
High
Find Similar
Published May 6, 2026 1mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: AV1: Fix tile info buffer size Each tile info is composed of: row_sb, col_sb, start_pos and end_pos (4 bytes each). So the total required memory is AV1_MAX_TILES * 16 bytes. Use the correct #define to allocate the buffer and avoid writing tile info in non-allocated memory.

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
3.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 4

VendorProductVersionRange
linuxlinux_kernel*≥6.5  –  <6.6.128
linuxlinux_kernel*≥6.7  –  <6.12.75
linuxlinux_kernel*≥6.13  –  <6.18.16
linuxlinux_kernel*≥6.19  –  <6.19.6

References 5

  • git.kernel.org https://git.kernel.org/stable/c/34f36f9c6114af781a5a4f7a7c99334c85b73fc7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/74abfadd7ef5ac9f3a6111d550cc651d1457c641
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a505ca2db89ad92a8d8d27fa68ebafb12e04a679
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a5b1ddbe31f49b4da78642157589970e9b60a231
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f122f2b3ce9dbde60bf7ab0b180fe4a01f9d9bc4
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/34f36f9c6114af781a5a4f7a7c99334c85b73fc7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/74abfadd7ef5ac9f3a6111d550cc651d1457c641
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a505ca2db89ad92a8d8d27fa68ebafb12e04a679
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a5b1ddbe31f49b4da78642157589970e9b60a231
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f122f2b3ce9dbde60bf7ab0b180fe4a01f9d9bc4
    Patch