39 matches found
SUSE CVE-2022-50722
In the Linux kernel, the following vulnerability has been resolved: media: ipu3-imgu: Fix NULL pointer dereference in active selection access What the IMGU driver did was that it first acquired the pointers to active and try V4L2 subdev state, and only then figured out which one to use. The probl...
CVE-2022-50722
In the Linux kernel, the following vulnerability has been resolved: media: ipu3-imgu: Fix NULL pointer dereference in active selection access What the IMGU driver did was that it first acquired the pointers to active and try V4L2 subdev state, and only then figured out which one to use. The probl...
CVE-2022-50722
In the Linux kernel, the following vulnerability has been resolved: media: ipu3-imgu: Fix NULL pointer dereference in active selection access What the IMGU driver did was that it first acquired the pointers to active and try V4L2 subdev state, and only then figured out which one to use. The probl...
Linux Distros Unpatched Vulnerability : CVE-2025-40207
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: v4l2-subdev: Fix alloc failure check in v4l2subdevcallstatetry v4l2subdevcallstatetry macro allocates a subdev state with v4l2subdevstatealloc, but does...
DEBIAN-CVE-2025-40207
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-subdev: Fix alloc failure check in v4l2subdevcallstatetry v4l2subdevcallstatetry macro allocates a subdev state with v4l2subdevstatealloc, but does not check the returned value. If v4l2subdevstatealloc fails, it retur...
AZL-70070 CVE-2025-40207 affecting package kernel for versions less than 6.6.117.1-1
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-subdev: Fix alloc failure check in v4l2subdevcallstatetry v4l2subdevcallstatetry macro allocates a subdev state with v4l2subdevstatealloc, but does not check the returned value. If v4l2subdevstatealloc fails, it retur...
CVE-2025-40207
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-subdev: Fix alloc failure check in v4l2subdevcallstatetry v4l2subdevcallstatetry macro allocates a subdev state with v4l2subdevstatealloc, but does not check the returned value. If v4l2subdevstatealloc fails, it retur...
CVE-2025-40207
In the Linux kernel vulnerability CVE-2025-40207, the media: v4l2-subdev path v4l2_subdev_call_state_try() allocates a subdev state with __v4l2_subdev_state_alloc() but does not check for allocation failure, which could return an ERR_PTR and crash v4l2_subdev_call_state_try(). The connected advis...
CVE-2025-40207 media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try()
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-subdev: Fix alloc failure check in v4l2subdevcallstatetry v4l2subdevcallstatetry macro allocates a subdev state with v4l2subdevstatealloc, but does not check the returned value. If v4l2subdevstatealloc fails, it retur...
CVE-2025-40207
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-subdev: Fix alloc failure check in v4l2subdevcallstatetry v4l2subdevcallstatetry macro allocates a subdev state with v4l2subdevstatealloc, but does not check the returned value. If v4l2subdevstatealloc fails, it retur...
CVE-2025-39712
In the Linux kernel, the following vulnerability has been resolved: media: mt9m114: Fix deadlock in getframeinterval/setframeinterval Getting / Setting the frame interval using the V4L2 subdev pad ops getframeinterval/setframeinterval causes a deadlock, as the subdev state is locked in the 1 but...
PT-2025-46764
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The v4l2 subdev call state try macro in the Linux kernel does not check the return value of v4l2 subdev state alloc. If v4l2 subdev state alloc fails, it returns an error pointer, which...
SUSE CVE-2022-49496
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: prevent kernel crash when rmmod mtk-vcodec-dec.ko If the driver support subdev mode, the parameter "dev-pm.dev" will be NULL in mtkvcodecdecremove. Kernel will crash when try to rmmod mtk-vcodec-dec.ko...
DEBIAN-CVE-2022-49496
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: prevent kernel crash when rmmod mtk-vcodec-dec.ko If the driver support subdev mode, the parameter "dev-pm.dev" will be NULL in mtkvcodecdecremove. Kernel will crash when try to rmmod mtk-vcodec-dec.ko...
CVE-2023-52647
In the Linux kernel, the following vulnerability has been resolved: media: nxp: imx8-isi: Check whether crossbar pad is non-NULL before access When translating source to sink streams in the crossbar subdev, the driver tries to locate the remote subdev connected to the sink pad. The remote pad may...
CVE-2023-52647
In the Linux kernel, the following vulnerability has been resolved: media: nxp: imx8-isi: Check whether crossbar pad is non-NULL before access When translating source to sink streams in the crossbar subdev, the driver tries to locate the remote subdev connected to the sink pad. The remote pad may...
CVE-2023-52647
In the Linux kernel, the following vulnerability has been resolved: media: nxp: imx8-isi: Check whether crossbar pad is non-NULL before access When translating source to sink streams in the crossbar subdev, the driver tries to locate the remote subdev connected to the sink pad. The remote pad may...
CVE-2023-52647 media: nxp: imx8-isi: Check whether crossbar pad is non-NULL before access
In the Linux kernel, the following vulnerability has been resolved: media: nxp: imx8-isi: Check whether crossbar pad is non-NULL before access When translating source to sink streams in the crossbar subdev, the driver tries to locate the remote subdev connected to the sink pad. The remote pad may...
Samsumg android phone v4l-subdev driver memory corruption vulnerability
Samsumg android phone is a series of cell phone products based on the Android platform developed by South Korea's Samsung Samsung. A memory corruption vulnerability exists in the 'msmsensorconfig' function in the v4l-subdev driver of the samsumg android phone, which stems from the program's failu...