CVE-2022-49165

In the Linux kernel, the following vulnerability has been resolved:

media: imx-jpeg: Prevent decoding NV12M jpegs into single-planar buffers

If the application queues an NV12M jpeg as output buffer, but then
queues a single planar capture buffer, the kernel will crash with
"Unable to handle kernel NULL pointer dereference" in mxc_jpeg_addrs,
prevent this by finishing the job with error.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 6%
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
vulnerable
bullseye (security)
vulnerable
bookworm
6.1.123-1
fixed
bookworm (security)
6.1.128-1
fixed
trixie
6.12.12-1
fixed
sid
6.12.16-1
fixed
References
https://git.kernel.org/stable/c/417591a766b3c040c346044541ff949c0b2bb7b2
https://git.kernel.org/stable/c/4eb591c47c82a6a6ad293ed108c3cb77115fbc25
https://git.kernel.org/stable/c/8d075ede7d24f19dc817c5bd517a53f0524f9031
https://git.kernel.org/stable/c/eff76b180751e5e55c872d17755680c3b83ba9ab