Linux Kernel Slab-Use-After-Free Vulnerability in Vidtv Media Driver

A slab-use-after-free vulnerability has been identified in the Linux kernel's Vidtv media driver. This issue arises in the Vidtv multiplexing initialization process, specifically within the 'vidtv_mux_init' function. After a failure in initializing the Program Specific Information (PSI), the 'si' member is accessed again, leading to a use-after-free condition. The vulnerability was reported by yzbot and is associated with a read operation of size 8 from a freed memory address.

Impact

Exploitation of this vulnerability can lead to a use-after-free condition, allowing for potential arbitrary memory access or manipulation.

Reproduction

The vulnerability can be reproduced by initializing a Vidtv multiplexing context while the PSI initialization fails. This can be done by starting a feed in the Vidtv media driver, which will trigger the 'vidtv_mux_init' function. The failed PSI initialization will cause the 'si' member to be accessed after it has been freed, creating the use-after-free condition.