CVE-2022-50722

Summary

In the Linux kernel, the following vulnerability has been resolved:

media: ipu3-imgu: Fix NULL pointer dereference in active selection access

What the IMGU driver did was that it first acquired the pointers to active and try V4L2 subdev state, and only then figured out which one to use.

The problem with that approach and a later patch (see Fixes: tag) is that as sd_state argument to v4l2_subdev_get_try_crop() et al is NULL, there is now an attempt to dereference that.

Fix this.

Also rewrap lines a little.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0d346d2a6f54f06f36b224fd27cd6eafe8c83be9 < 5265cc1202a31f7097691c3483a0d60d624424a5affected
LinuxLinux0d346d2a6f54f06f36b224fd27cd6eafe8c83be9 < 740717b756c17190dc2d2ad4c6de1e63f214e0c9affected
LinuxLinux0d346d2a6f54f06f36b224fd27cd6eafe8c83be9 < b9eb3ab6f30bf32f7326909f17949ccb11bab514affected
LinuxLinux5.14affected
LinuxLinux0 < 5.14unaffected
LinuxLinux5.15.76 <= 5.15.*unaffected
LinuxLinux6.0.6 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

References