CVE-2024-35919: media: mediatek: vcodec: adding lock to protect encoder context list

Description

In the Linux kernel, the following vulnerability has been resolved:

media: mediatek: vcodec: adding lock to protect encoder context list

Add a lock for the ctx_list, to avoid accessing a NULL pointer
within the 'vpu_enc_ipi_handler' function when the ctx_list has
been deleted due to an unexpected behavior on the SCP IP block.

Classification

CVE ID: CVE-2024-35919

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 17.83% (scored less or equal to compared to others)

EPSS Date: 2025-02-04 (when was this score calculated)

References

https://git.kernel.org/stable/c/41671f0c0182b2bae74ca7e3b0f155559e3e2fc5
https://git.kernel.org/stable/c/51c84a8aac6e3b59af2b0e92ba63cabe2e641a2d
https://git.kernel.org/stable/c/afaaf3a0f647a24a7bf6a2145d8ade37baaf75ad

Timeline

2024-12-20 00:37:06 UTC
CVE

media: mediatek: vcodec: adding lock to protect encoder context list