VYPR
Unrated severityNVD Advisory· Published May 20, 2025· Updated May 26, 2025

staging: bcm2835-camera: Initialise dev in v4l2_dev

CVE-2025-37971

Description

In the Linux kernel, the following vulnerability has been resolved:

staging: bcm2835-camera: Initialise dev in v4l2_dev

Commit 42a2f6664e18 ("staging: vc04_services: Move global g_state to vchiq_state") changed mmal_init to pass dev->v4l2_dev.dev to vchiq_mmal_init, however nothing iniitialised dev->v4l2_dev, so we got a NULL pointer dereference.

Set dev->v4l2_dev.dev during bcm2835_mmal_probe. The device pointer could be passed into v4l2_device_register to set it, however that also has other effects that would need additional changes.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.