CVE-2025-68175

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.15.4-00114-g1f61ca5cad76

Description The Linux kernel has a flaw in the media subsystem, specifically within the nxp imx8-isi driver. The current implementation unconditionally calls mxc isi video cleanup streaming() in mxc isi video release(). This can lead to a situation where releasing a device may prematurely release a streaming queue, triggered by operations like querying device capabilities with 'v4l2-ctl -l'. This issue is reproducible on i.MX8MP boards when streaming from an ISI capture device using gstreamer. The problem manifests as a warning in the kernel trace, originating from the mxc isi pipe irq handler function. The recommended solution is to move streaming preparation and cleanup operations to the vb2 .prepare streaming() and .unprepare streaming() operations. This change also simplifies the driver by enabling direct use of the vb2 ioctl streamon() and vb2 ioctl streamoff() helpers, and removing the manual cleanup from mxc isi video release().

Recommendations Update to Linux kernel version 6.15.4-00114-g1f61ca5cad76 or later.