CVE-2026-43256
Out-of-Bounds Access in Linux Kernel Qualcomm CAMSS VFE
Publication date: 2026-05-06
Last updated on: 2026-05-06
Assigner: kernel.org
Description
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's media component for Qualcomm cameras (qcom: camss: vfe). The issue is an out-of-bounds memory access in the function vfe_isr_reg_update(). Specifically, the function vfe_isr() loops with a bound of 7 (MSM_VFE_IMAGE_MASTERS_NUM), but the array it indexes, vfe->line[], has only 4 elements (VFE_LINE_NUM_MAX). When the index is 4, 5, or 6, the code accesses memory past the end of the array.
The fix involved separating the loops for output lines and write masters to prevent accessing beyond the array bounds.
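A user-space model of the loop pattern described above, added here as an illustration; it is not the kernel's code or the actual patch. The two bounds are from the page, while the struct, the status-bit layout and the function names are hypothetical, and the model counts out-of-range indices instead of performing the access.

```c
#include <stdint.h>
#include <stdio.h>
/* The two bounds come from the page; every other name is a hypothetical model. */
#define VFE_LINE_NUM_MAX          4
#define MSM_VFE_IMAGE_MASTERS_NUM 7
/* Constructed status layout: bits 0-6 = reg update, bits 8-14 = write master done. */
#define REG_UPDATE_BIT(i) (1u << (i))
#define WM_DONE_BIT(i)    (1u << (8 + (i)))
struct model_vfe {
    int line_updates[VFE_LINE_NUM_MAX];     /* stands in for vfe->line[] */
    int wm_done[MSM_VFE_IMAGE_MASTERS_NUM]; /* per write master state */
};

/* Per-line handler model: returns 1 and refuses the access when line_id is past line[]. */
static int line_reg_update(struct model_vfe *vfe, int line_id) {
    if (line_id < 0 || line_id >= VFE_LINE_NUM_MAX)
        return 1;
    vfe->line_updates[line_id]++;
    return 0;
}

/* "Before" shape: one loop bounded by the write master count drives both arrays. */
int isr_single_loop(struct model_vfe *vfe, uint32_t status) {
    int out_of_range = 0;
    for (int i = 0; i < MSM_VFE_IMAGE_MASTERS_NUM; i++) {
        if (status & REG_UPDATE_BIT(i))
            out_of_range += line_reg_update(vfe, i); /* i = 4, 5, 6 miss line[] */
        if (status & WM_DONE_BIT(i))
            vfe->wm_done[i]++;
    }
    return out_of_range;
}

/* "After" shape: each array is walked with its own bound. */
int isr_split_loops(struct model_vfe *vfe, uint32_t status) {
    int out_of_range = 0;
    for (int i = 0; i < VFE_LINE_NUM_MAX; i++)
        if (status & REG_UPDATE_BIT(i))
            out_of_range += line_reg_update(vfe, i);
    for (int i = 0; i < MSM_VFE_IMAGE_MASTERS_NUM; i++)
        if (status & WM_DONE_BIT(i))
            vfe->wm_done[i]++;
    return out_of_range;
}

int main(void) {
    struct model_vfe a = {0}, b = {0};
    printf("single loop: %d out-of-range\n", isr_single_loop(&a, 0x7F7Fu));
    printf("split loops: %d out-of-range\n", isr_split_loops(&b, 0x7F7Fu));
}
```

Building the real driver with an array-bounds sanitizer such as UBSAN is the usual way to catch this class of index at run time.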
How can this vulnerability impact me?
An out-of-bounds memory access vulnerability can lead to undefined behavior in the affected system. This may include system crashes, data corruption, or potential exploitation by attackers to execute arbitrary code or escalate privileges.
Since this vulnerability occurs in the Linux kernel's camera subsystem, it could impact devices using Qualcomm camera hardware, potentially affecting system stability or security.