GHSA-vpqj-28g2-5g9m

Опубликовано: 24 дек. 2025

Источник: github

Github: Не прошло ревью

Описание

In the Linux kernel, the following vulnerability has been resolved:

media: ipu3-imgu: Fix NULL pointer dereference in active selection access

What the IMGU driver did was that it first acquired the pointers to active and try V4L2 subdev state, and only then figured out which one to use.

The problem with that approach and a later patch (see Fixes: tag) is that as sd_state argument to v4l2_subdev_get_try_crop() et al is NULL, there is now an attempt to dereference that.

Fix this.

Also rewrap lines a little.

In the Linux kernel, the following vulnerability has been resolved:

media: ipu3-imgu: Fix NULL pointer dereference in active selection access

What the IMGU driver did was that it first acquired the pointers to active and try V4L2 subdev state, and only then figured out which one to use.

The problem with that approach and a later patch (see Fixes: tag) is that as sd_state argument to v4l2_subdev_get_try_crop() et al is NULL, there is now an attempt to dereference that.

Fix this.

Also rewrap lines a little.

Ссылки

EPSS

Процентиль: 6%

0.00024

Низкий

CVE ID

CVE-2022-50722

Связанные уязвимости

CVE-2022-50722

ubuntu

около 2 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: media: ipu3-imgu: Fix NULL pointer dereference in active selection access What the IMGU driver did was that it first acquired the pointers to active and try V4L2 subdev state, and only then figured out which one to use. The problem with that approach and a later patch (see Fixes: tag) is that as sd_state argument to v4l2_subdev_get_try_crop() et al is NULL, there is now an attempt to dereference that. Fix this. Also rewrap lines a little.