In the Linux kernel, the following vulnerability has been...
Moderate severity
Unreviewed
Published
Aug 17, 2024
to the GitHub Advisory Database
•
Updated Aug 22, 2024
Description
Published by the National Vulnerability Database
Aug 17, 2024
Published to the GitHub Advisory Database
Aug 17, 2024
Last updated
Aug 22, 2024
In the Linux kernel, the following vulnerability has been resolved:
media: v4l: async: Fix NULL pointer dereference in adding ancillary links
In v4l2_async_create_ancillary_links(), ancillary links are created for
lens and flash sub-devices. These are sub-device to sub-device links and
if the async notifier is related to a V4L2 device, the source sub-device
of the ancillary link is NULL, leading to a NULL pointer dereference.
Check the notifier's sd field is non-NULL in
v4l2_async_create_ancillary_links().
[Sakari Ailus: Reword the subject and commit messages slightly.]
References