Volerion logoVolerion
Volerion logoVolerion

Linux Kernel OV5647 I2C Subdevice Control Initialization Vulnerability

Vulnerability

A vulnerability exists in the Linux kernel's handling of the OV5647 camera sensor I2C subdevice controls. The issue arises because the control initialization function is called before the subdevice data is properly set up, creating a risk of segmentation fault. This vulnerability affects the stable version of the Linux kernel.

Impact

The vulnerability can lead to a segmentation fault, causing a crash in the application or service using the affected camera sensor.

Reproduction

The vulnerability can be reproduced by loading the OV5647 camera sensor driver in the Linux kernel. When the driver initializes the sensor, it calls the function to set up the controls before the I2C subdevice data is ready. If an error occurs at this stage and the driver tries to access the I2C client, it will result in a segmentation fault.

Remediation

The vulnerability has been addressed in the Linux kernel. Users should upgrade to the latest version where this issue has been fixed.

Added: May 8, 2026, 4:03 PM
Updated: May 8, 2026, 4:03 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
2.5
exploitability
4.3
remediation
7.7
relevance
7.8
threat
4.8
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.