Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: media: ipu3-imgu: Fix NULL pointer dereference in active selection access What the IMGU driver did was that it first acquired the pointers to active and try V4L2 subdev state, and only then figured out which one to use. The problem with that approach and a later patch (see Fixes: tag) is that as sd_state argument to v4l2_subdev_get_try_crop() et al is NULL, there is now an attempt to dereference that. Fix this. Also rewrap lines a little.
References
- https://git.kernel.org/stable/c/5265cc1202a31f7097691c3483a0d60d624424a5
- https://git.kernel.org/stable/c/740717b756c17190dc2d2ad4c6de1e63f214e0c9
- https://git.kernel.org/stable/c/b9eb3ab6f30bf32f7326909f17949ccb11bab514
FAQ
What is CVE-2022-50722?
CVE-2022-50722 is a documented vulnerability. In the Linux kernel, the following vulnerability has been resolved: media: ipu3-imgu: Fix NULL pointer dereference in active selection access What the IMGU driver did was that it first acquired the ...
How severe is CVE-2022-50722?
CVSS scoring is not yet available for CVE-2022-50722. Check NVD for updates.
Is there a patch for CVE-2022-50722?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.