Unrated severityNVD Advisory· Published May 20, 2025· Updated May 26, 2025
staging: bcm2835-camera: Initialise dev in v4l2_dev
CVE-2025-37971
Description
In the Linux kernel, the following vulnerability has been resolved:
staging: bcm2835-camera: Initialise dev in v4l2_dev
Commit 42a2f6664e18 ("staging: vc04_services: Move global g_state to vchiq_state") changed mmal_init to pass dev->v4l2_dev.dev to vchiq_mmal_init, however nothing iniitialised dev->v4l2_dev, so we got a NULL pointer dereference.
Set dev->v4l2_dev.dev during bcm2835_mmal_probe. The device pointer could be passed into v4l2_device_register to set it, however that also has other effects that would need additional changes.
Affected products
2Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.