media: i2c: ov5647: Initialize subdev before controls

Description

A vulnerability marked as critical has been reported in Linux Kernel up to 6.19.5. This issue affects the function ov5647_init_controls. The manipulation leads to improper initialization. This vulnerability is referenced as CVE-2026-43312. The attack needs to be initiated within the local network. No exploit is available. It is suggested to upgrade the affected component.

Affected Products

Vendor	Product	Versions
linux	linux kernel	4974c2f19fd810ec9a4e534bfc69e176256b7a03, 4974c2f19fd810ec9a4e534bfc69e176256b7a03, 4974c2f19fd810ec9a4e534bfc69e176256b7a03, 4974c2f19fd810ec9a4e534bfc69e176256b7a03, 4974c2f19fd810ec9a4e534bfc69e176256b7a03, 4974c2f19fd810ec9a4e534bfc69e176256b7a03, 4974c2f19fd810ec9a4e534bfc69e176256b7a03, 5.12, 6.19.5

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
open source	open source linux kernel	cert_advisory	90%

References

Related News (3 articles)

Tier B

BSI Advisories10h ago

[NEU] [mittel] Linux Kernel: Mehrere Schwachstellen

→ No new info (linked only)

Tier C

VulDB3d ago

CVE-2026-43312 | Linux Kernel up to 6.19.5 ov5647_init_controls initialization

→ No new info (linked only)

Tier C

Linux Kernel CVEs3d ago

CVE-2026-43312: media: i2c: ov5647: Initialize subdev before controls

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

f2a1998bc0053ebfe137f65081ed13afd9f3450259e372aa4cf60e2500eba7f978acdcb18bb49032cabd025182cfed4a19b3aab57493e312d681e3982dedda97a64e7735844609c6c77c0dd953d738338ecb21c20387cc0c8aa00489a21ccc69f6b0f5d1fb69e4842f5b463ff5f121d2ac7746014e3477eaeee13cbccacb6d0a3120c126b8544030905b069d05.15.2026.1.1656.6.1286.12.756.18.166.19.67.0

PublishedMay 8, 2026

Last enriched3d agov2

Trending Score62

Source articles3

Independent3

Info Completeness7/14

Missing: cvss, epss, cwe, kev, exploit, iocs, mitre_attack