We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2022-48987

media: v4l2-dv-timings.c: fix too strict blanking sanity checks



Description

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-dv-timings.c: fix too strict blanking sanity checks Sanity checks were added to verify the v4l2_bt_timings blanking fields in order to avoid integer overflows when userspace passes weird values. But that assumed that userspace would correctly fill in the front porch, backporch and sync values, but sometimes all you know is the total blanking, which is then assigned to just one of these fields. And that can fail with these checks. So instead set a maximum for the total horizontal and vertical blanking and check that each field remains below that. That is still sufficient to avoid integer overflows, but it also allows for more flexibility in how userspace fills in these fields.

Reserved 2024-08-22 | Published 2024-10-21 | Updated 2024-12-19 | Assigner Linux

Product status

Default status
unaffected

15ded23db134da975b49ea99770de0346c193b24 before 0d73b49c4037199472b29574ae21c21aef493971
affected

3d43b2b8a3cdadd6cef9ac8ef5d156b6214a01c8 before a2b56627c0d13009e02f6f2c0206c0451ed19a0e
affected

9cf9211635b68e8e0c8cb88d43ca7dc83e4632aa before 2572ab14b73aa45b6ae7e4c089ccf119fed5cf89
affected

b4a3a01762ae072c7f6ff2ff53b5019761288346 before 4afc77068e36cee45b39d4fdc7513de26980f72c
affected

683015ae163481457a16fad2317af66360dc4762 before 32f01f0306a98629508f84d7ef0d1d037bc274a2
affected

491c0959f01d87bcbd5a1498bc70e0a3382c65a8 before 6fb8bc29bfa80707994a63cc97e2f9920e0b0608
affected

dc7276c3f6ca008be1faf531f84b49906c9bcf7f before d3d14cdf1c7ae2caa3e999bae95ba99e955fb7c3
affected

4b6d66a45ed34a15721cb9e11492fa1a24bc83df before 5eef2141776da02772c44ec406d6871a790761ee
affected

Default status
unaffected

4.9.332 before 4.9.336
affected

4.14.298 before 4.14.302
affected

4.19.264 before 4.19.269
affected

5.4.223 before 5.4.227
affected

5.10.153 before 5.10.159
affected

5.15.77 before 5.15.83
affected

6.0.7 before 6.0.13
affected

References

git.kernel.org/...c/0d73b49c4037199472b29574ae21c21aef493971

git.kernel.org/...c/a2b56627c0d13009e02f6f2c0206c0451ed19a0e

git.kernel.org/...c/2572ab14b73aa45b6ae7e4c089ccf119fed5cf89

git.kernel.org/...c/4afc77068e36cee45b39d4fdc7513de26980f72c

git.kernel.org/...c/32f01f0306a98629508f84d7ef0d1d037bc274a2

git.kernel.org/...c/6fb8bc29bfa80707994a63cc97e2f9920e0b0608

git.kernel.org/...c/d3d14cdf1c7ae2caa3e999bae95ba99e955fb7c3

git.kernel.org/...c/5eef2141776da02772c44ec406d6871a790761ee

cve.org (CVE-2022-48987)

nvd.nist.gov (CVE-2022-48987)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2022-48987

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.

© Copyright 2024 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.