SB20250502290 - Out-of-bounds write in Linux kernel qcom venus driver
Published: May 2, 2025 Updated: May 10, 2025
Security Bulletin ID
SB20250502290
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Out-of-bounds write (CVE-ID: CVE-2025-23158)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to an out-of-bounds write within the venus_write_queue() and venus_read_queue() functions in drivers/media/platform/qcom/venus/hfi_venus.c. A local user can execute arbitrary code.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/101a86619aab42bb61f2253bbf720121022eab86
- https://git.kernel.org/stable/c/1b86c1917e16bafbbb08ab90baaff533aa36c62d
- https://git.kernel.org/stable/c/32af5c1fdb9bc274f52ee0472d3b060b18e4aab4
- https://git.kernel.org/stable/c/40084302f639b3fe954398c5ba5ee556b7242b54
- https://git.kernel.org/stable/c/679424f8b31446f90080befd0300ea915485b096
- https://git.kernel.org/stable/c/69baf245b23e20efda0079238b27fc63ecf13de1
- https://git.kernel.org/stable/c/a45957bcde529169188929816775a575de77d84f
- https://git.kernel.org/stable/c/cf5f7bb4e0d786f4d9d50ae6b5963935eab71d75
- https://git.kernel.org/stable/c/edb89d69b1438681daaf5ca90aed3242df94cc96
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.13.12