CVE-2025-38679
media: venus: Fix OOB read due to missing payload bound check
References
Notes
carnil> Introduced in 09c2845e8fe4 ("[media] media: venus: hfi: add Host Firmware
carnil> Interface (HFI)"). Vulnerable versions: 4.13.
Bugs
Status
| Branch | Status |
| --- | --- |
| upstream | released (6.17-rc1) [06d6770ff0d8cc8dfd392329a8cc03e2a83e7289] |
| 6.18-upstream-stable | N/A "Fixed before branching point" |
| 6.17-upstream-stable | N/A "Fixed before branching point" |
| 6.16-upstream-stable | released (6.16.2) [bed4921055dd7bb4d2eea2729852ae18cf97a2c6] |
| 6.15-upstream-stable | released (6.15.11) [c956c3758510b448b3d4d10d1da8230e8c9bf668] |
| 6.12-upstream-stable | released (6.12.43) [6f08bfb5805637419902f3d70069fe17a404545b] |
| 6.6-upstream-stable | released (6.6.103) [8f274e2b05fdae7a53cee83979202b5ecb49035c] |
| 6.1-upstream-stable | released (6.1.149) [a3eef5847603cd8a4110587907988c3f93c9605a] |
| 5.10-upstream-stable | needed |
| sid | released (6.16.3-1) |
| 6.12-trixie-security | released (6.12.43-1) |
| 6.1-bookworm-security | released (6.1.153-1) |
| 5.10-bullseye-security | needed |