Email received from: jiasheng.cn Recipients: secalert, jiasheng.cn [Suggested description] An issue was discovered in the Linux kernel through 5.16-rc6. mtk_vcodec_fw_vpu_init in drivers/media/platform/mtk-vcodec/mtk_vcodec_fw_vpu.c lacks check of the return value of devm_kzalloc() and will cause the null pointer dereference. ------------------------------------------ [VulnerabilityType Other] NULL Pointer Dereference ------------------------------------------ [Vendor of Product] the development group ------------------------------------------ [Affected Product Code Base] Linux kernel - 5.16-rc6 ------------------------------------------ [Reference] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=e25a89f743b18c029bfbe5e1663ae0c7190912b0 ------------------------------------------ [Discoverer] Jiasheng Jiang
Upstream commit: https://github.com/torvalds/linux/commit/e25a89f743b18c029bfbe5e1663ae0c7190912b0
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-3113