NACK: [SRU][N][PATCH 0/1] CVE-2024-50287
Koichiro Den
koichiro.den at canonical.com
Tue Mar 18 06:28:22 UTC 2025
On Thu, Mar 13, 2025 at 02:11:03PM GMT, Andrei Gherzan wrote:
> [Impact]
>
> media: v4l2-tpg: prevent the risk of a division by zero
> As reported by Coverity, the logic at tpg_precalculate_line()
> blindly rescales the buffer even when scaled_witdh is equal to
> zero. If this ever happens, this will cause a division by zero.
>
> Instead, add a WARN_ON_ONCE() to trigger such cases and return
> without doing any precalculation.
>
> [Fix]
>
> Noble: The fix applies cleanly.
>
> [Test Case]
>
> * Build test for all supported architectures.
> * Boot tested on amd64 architecture.
>
> [Where problems could occur]
>
> The change could affect users of V4L2 Test Pattern Generator support.
>
> Mauro Carvalho Chehab (1):
> media: v4l2-tpg: prevent the risk of a division by zero
>
> drivers/media/common/v4l2-tpg/v4l2-tpg-core.c | 3 +++
> 1 file changed, 3 insertions(+)
>
This commit was included in an upstream stable patchset (LP: #2100292),
which was applied to master-next exactly on the same day as your
submission:
https://lists.ubuntu.com/archives/kernel-team/2025-March/157999.html
Please let me NACK this for that reason.
More information about the kernel-team
mailing list