CVE-2022-50826

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s ipu3-imgu component where a NULL pointer dereference can occur in the imgu subdev set selection() function. This happens when v4l2 subdev get try crop() and v4l2 subdev get try compose() are called with a NULL subdev state. The issue persists in imgu subdev set selection() despite a previous fix for imgu subdev get selection(). The problem arises because the function attempts to access pointers to "try" and "active" states before verifying if the state is valid.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.