CVE-2026-46239

EUVD-2026-32757
In the Linux kernel, the following vulnerability has been resolved:

media: i2c: ov5647: Fix runtime PM refcount leak in s_ctrl

Three control cases (AUTOGAIN, EXPOSURE_AUTO, ANALOGUE_GAIN) directly
return without calling pm_runtime_put(), causing runtime PM reference
count leaks.

Change these cases from 'return' to 'ret = ... break' pattern to ensure
pm_runtime_put() is always called before function exit.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.170-3
fixed
bookworm (security)
6.1.174-1
fixed
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.257-1
fixed
forky
7.0.9-1
fixed
sid
7.0.10-1
fixed
trixie
6.12.86-1
fixed
trixie (security)
6.12.90-2
fixed
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/6b03ecf75bda5900b8e661eb75656f631b598bc2
https://git.kernel.org/stable/c/f11ae9c04f8368a3b5a0280ef595198dace1c983