208 matches found
CVE-2024-35921
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix oops when HEVC init fails The stateless HEVC decoder saves the instance pointer in the context regardless if the initialization worked or not. This caused a use after free, when the pointer is freed i...
DEBIAN-CVE-2024-35921
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix oops when HEVC init fails The stateless HEVC decoder saves the instance pointer in the context regardless if the initialization worked or not. This caused a use after free, when the pointer is freed i...
UBUNTU-CVE-2024-35919
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect encoder context list Add a lock for the ctxlist, to avoid accessing a NULL pointer within the 'vpuencipihandler' function when the ctxlist has been deleted due to an unexpected...
CVE-2024-35920
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect decoder context list Add a lock for the ctxlist, to avoid accessing a NULL pointer within the 'vpudecipihandler' function when the ctxlist has been deleted due to an unexpected...
UBUNTU-CVE-2024-35920
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect decoder context list Add a lock for the ctxlist, to avoid accessing a NULL pointer within the 'vpudecipihandler' function when the ctxlist has been deleted due to an unexpected...
CVE-2024-35921 media: mediatek: vcodec: Fix oops when HEVC init fails
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix oops when HEVC init fails The stateless HEVC decoder saves the instance pointer in the context regardless if the initialization worked or not. This caused a use after free, when the pointer is freed i...
CVE-2024-35921
CVE-2024-35921 affects the Linux kernel media/mediatek vcodec HEVC decoding path. The stateless HEVC decoder stored the instance pointer in the context even on initialization failure, leading to a use-after-free when the pointer was freed during deinit. The documented workaround is to store the i...
CVE-2024-35920 media: mediatek: vcodec: adding lock to protect decoder context list
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect decoder context list Add a lock for the ctxlist, to avoid accessing a NULL pointer within the 'vpudecipihandler' function when the ctxlist has been deleted due to an unexpected...
CVE-2024-35920
CVE-2024-35920 refers to a Linux kernel issue in the media: mediatek: vcodec driver. The root cause is a race/NULL-pointer risk in vpu_dec_ipi_handler when the decoder context list (ctx_list) could be deleted due to SCP IP block behavior. The patch adds a lock around ctx_list to prevent illegal a...
CVE-2024-35920 media: mediatek: vcodec: adding lock to protect decoder context list
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect decoder context list Add a lock for the ctxlist, to avoid accessing a NULL pointer within the 'vpudecipihandler' function when the ctxlist has been deleted due to an unexpected...
CVE-2024-35919 media: mediatek: vcodec: adding lock to protect encoder context list
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect encoder context list Add a lock for the ctxlist, to avoid accessing a NULL pointer within the 'vpuencipihandler' function when the ctxlist has been deleted due to an unexpected...
CVE-2024-35919 media: mediatek: vcodec: adding lock to protect encoder context list
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect encoder context list Add a lock for the ctxlist, to avoid accessing a NULL pointer within the 'vpuencipihandler' function when the ctxlist has been deleted due to an unexpected...
CVE-2024-35919 media: mediatek: vcodec: adding lock to protect encoder context list
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect encoder context list Add a lock for the ctxlist, to avoid accessing a NULL pointer within the 'vpuencipihandler' function when the ctxlist has been deleted due to an unexpected...
PT-2024-8417 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a NULL pointer dereference in the Linux kernel's vcodec component. This can occur when the ctx list is accessed within the vpu enc ipi handler function after it...
PT-2025-49478
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the media subsystem, specifically within the MediaTek vcodec decoder queue setup function. A user-supplied variable, nplanes, obtained through a syste...
SUSE CVE-2021-3566
Prior to ffmpeg version 4.3, the tty demuxer did not have a 'readprobe' function assigned to it. By crafting a legitimate "ffconcat" file that references an image, followed by a file the triggers the tty demuxer, the contents of the second file will be copied into the output file verbatim as long...
SUSE CVE-2022-3113
An issue was discovered in the Linux kernel through 5.16-rc6. mtkvcodecfwvpuinit in drivers/media/platform/mtk-vcodec/mtkvcodecfwvpu.c lacks check of the return value of devmkzalloc and will cause the null pointer dereference...
OESA-2023-1035 kernel security update
Security Fixes: An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2CSMBUSBLOCKDATA with the ioctl I2CSMBUS with malicious input data. This flaw allows a local user to crash the system.CVE-2022-2873 An...
The vulnerability of the mtk_vcodec_fw_vpu_init() function in the Linux kernel’s drivers/media/platform/mtk-vcodec/mtk_vcodec_fw_vpu.c file allows a attacker to cause a service failure or gain increased privileges.
The vulnerability of the mtkvcodecfwvpuinit function in the Linux kernel’s drivers/media/platform/mtk-vcodec/mtkvcodecfwvpu.c file is related to a pointer dereferencing error. Exploiting this vulnerability could allow an attacker to cause system failures or gain increased privileges...
An issue was discovered in the Linux kernel through 5.16-rc6. mtk_vcodec_fw_vpu_init in drivers/media/platform/mtk-vcodec/mtk_vcodec_fw_vpu.c lacks check of the return value of devm_kzalloc() and will cause the null pointer dereference.
...