Linux Kernel Coda Media Component NULL Pointer Dereference Vulnerability

A vulnerability allowing a NULL pointer dereference has been identified in the Linux kernel's media component, specifically within the CODA7541 JPEG support. The issue arises in the CODA media driver, where the absence of proper checks on memory allocation can lead to dereferencing a NULL pointer. This vulnerability is present in several versions of the Linux kernel.

Impact

Exploitation of this vulnerability leads to a NULL pointer dereference, causing a crash of the affected component or application.

Reproduction

The vulnerability can be reproduced by triggering the CODA7541 JPEG support in the media component. This can be done by setting the destination fourcc to V4L2_PIX_FMT_JPEG, which will invoke the coda_start_encoding function. The function attempts to access and use JPEG quantization tables. If these tables are not properly initialized due to a failed memory allocation, the driver will dereference a NULL pointer, leading to a crash.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for upgrading the Linux kernel can be found in the official Linux kernel documentation.