In the Linux kernel, the following vulnerability has been resolved:
media: v4l: async: Fix duplicated list deletion
The list deletion call dropped here is already called from the helper function in the line before. Having a second list_del() call results in either a warning (with CONFIG_DEBUG_LIST=y):
list_del corruption, c46c8198->next is LIST_POISON1 (00000100)
If CONFIG_DEBUG_LIST is disabled the operation results in a kernel error due to NULL pointer dereference.
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | 6.6.0 (including) | 6.6.14 (excluding) |
Linux_kernel | Linux | 6.7.0 (including) | 6.7.2 (excluding) |