CVE-2026-43058

Name	CVE-2026-43058
Description	In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix pass-by-value structs causing MSAN warnings vidtv_ts_null_write_into() and vidtv_ts_pcr_write_into() take their argument structs by value, causing MSAN to report uninit-value warnings. While only vidtv_ts_null_write_into() has triggered a report so far, both functions share the same issue. Fix by passing both structs by const pointer instead, avoiding the stack copy of the struct along with its MSAN shadow and origin metadata. The functions do not modify the structs, which is enforced by the const qualifier.
Source	CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
linux (PTS)	bullseye	5.10.223-1	vulnerable
	bullseye (security)	5.10.251-5	vulnerable
	bookworm	6.1.170-3	vulnerable
	bookworm (security)	6.1.172-1	vulnerable
	trixie	6.12.86-1	fixed
	trixie (security)	6.12.90-1	fixed
	forky	7.0.7-1	fixed
	sid	7.0.9-1	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
linux	source	trixie	6.12.85-1
linux	source	(unstable)	6.19.14-1

https://git.kernel.org/linus/5f8e73bde67e931468bc2a1860d78d72f0c6ba41 (7.1-rc1)