In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Initialize subdev before controls In ov5647_init_controls() we call v4l2_get_subdevdata, but it is initialized by v4l2_i2c_subdev_init() in the probe, which currently happens after init_controls(). This can result in a segfault if the error condition is hit, and we try to access i2c_client, so fix the order.

A flaw was found in the Linux kernel's ov5647 driver. An issue in the initialization order of the subdevice, where `v4l2_get_subdevdata` is called before the subdevice is properly initialized, can lead to a segmentation fault. This can result in a system crash, causing a Denial of Service (DoS).

Red Hat Enterprise Linux 10 Not affected kernel Red Hat Enterprise Linux 6 Not affected kernel Red Hat Enterprise Linux 7 Not affected kernel Red Hat Enterprise Linux 7 Not affected kernel-rt Red Hat Enterprise Linux 8 Not affected kernel Red Hat Enterprise Linux 8 Not affected kernel-rt Red Hat Enterprise Linux 9 Not affected kernel Red Hat Enterprise Linux 9 Not affected kernel-rt https://www.cve.org/CVERecord?id=CVE-2026-43312 https://nvd.nist.gov/vuln/detail/CVE-2026-43312 https://lore.kernel.org/linux-cve-announce/2026050800-CVE-2026-43312-b723@gregkh/T