Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:media: v4l: async: Fix notifier list entry initstruct v4l2_async_notifier has several list_head members, but onlywaiting_list and done_list are initialized. notifier_entry was kept'zeroed' leading to an uninitialized list_head.This results in a NULL-pointer dereference if csi2_async_register() fails,e.g. node for remote endpoint is disabled, and returns -ENOTCONN.The following calls to v4l2_async_nf_unregister() results in a NULLpointer dereference.Add the missing list head initializer.
No PoCs from references.
- https://github.com/fkie-cad/nvd-json-data-feeds