Bug 1224484 (CVE-2024-35919)

Summary: VUL-0: CVE-2024-35919: kernel: media: mediatek: vcodec: adding lock to protect encoder context list
Product: [Novell Products] SUSE Security Incidents Reporter: SMASH SMASH <smash_bz>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: gabriele.sonnu, jlee
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/406609/
Whiteboard:
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description SMASH SMASH 2024-05-20 13:01:31 UTC 
In the Linux kernel, the following vulnerability has been resolved:

media: mediatek: vcodec: adding lock to protect encoder context list

Add a lock for the ctx_list, to avoid accessing a NULL pointer
within the 'vpu_enc_ipi_handler' function when the ctx_list has
been deleted due to an unexpected behavior on the SCP IP block.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-35919
https://www.cve.org/CVERecord?id=CVE-2024-35919
https://git.kernel.org/stable/c/41671f0c0182b2bae74ca7e3b0f155559e3e2fc5
https://git.kernel.org/stable/c/51c84a8aac6e3b59af2b0e92ba63cabe2e641a2d
https://git.kernel.org/stable/c/afaaf3a0f647a24a7bf6a2145d8ade37baaf75ad
https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2024/CVE-2024-35919.mbox
Comment 1 Joey Lee 2024-05-22 11:35:02 UTC 
joeyli@linux-691t:/mnt/working/source_code-git/kernel-source> ./scripts/check-kernel-fix -s 0 CVE-2024-35919
afaaf3a0f647 ("media: mediatek: vcodec: adding lock to protect encoder context list") merged v6.9-rc4~34^2~1
Fixes: 1972e32431ed ("media: mediatek: vcodec: Fix possible invalid memory access for encoder") merged v6.6-rc1~97^2~152
Security fix for CVE-2024-35919 bsc#1224484 with CVSS 0
Experts candidates: tiwai@suse.de 
..............................
NO ACTION NEEDED: All relevant branches contain the fix!

Does not affect any branch. reset assignee
Comment 2 Andrea Mattiazzo 2024-06-12 07:46:45 UTC 
All done, closing.