SB20250502166 - Out-of-bounds read in Linux kernel qcom venus driver
Published: May 2, 2025 Updated: May 10, 2025
Security Bulletin ID
SB20250502166
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Out-of-bounds read (CVE-ID: CVE-2025-23156)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the fill_buf_mode(), parse_alloc_mode(), fill_profile_level(), parse_profile_level(), fill_caps(), parse_caps(), fill_raw_fmts(), parse_raw_formats(), parse_codecs(), hfi_platform_parser() and hfi_parser() functions in drivers/media/platform/qcom/venus/hfi_parser.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/05b07e52a0d08239147ba3460045855f4fb398de
- https://git.kernel.org/stable/c/0beabe9b49190a02321b02792b29fc0f0e28b51f
- https://git.kernel.org/stable/c/0f9a4bab7d83738963365372e4745854938eab2d
- https://git.kernel.org/stable/c/6d278c5548d840c4d85d445347b2a5c31b2ab3a0
- https://git.kernel.org/stable/c/9edaaa8e3e15aab1ca413ab50556de1975bcb329
- https://git.kernel.org/stable/c/a736c72d476d1c7ca7be5018f2614ee61168ad01
- https://git.kernel.org/stable/c/bb3fd8b7906a12dc2b61389abb742bf6542d97fb
- https://git.kernel.org/stable/c/f195e94c7af921d99abd79f57026a218d191d2c7
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.181