Linux Kernel Out-of-Bounds Read Vulnerability in ADV7842 Video Decoder Driver

Vulnerability

A vulnerability has been identified in the Linux kernel's ADV7842 video decoder driver, specifically in the 'adv7842_cp_log_status' function. This issue arises because the 'cp_read' and 'hdmi_read' functions can return an error value that is improperly used as an index for array access, potentially leading to out-of-bounds reads. The vulnerability affects the Linux kernel stable tree.

Impact

Exploitation of this vulnerability could lead to out-of-bounds reads, which may cause information disclosure or undefined behavior.

Reproduction

The vulnerability can be reproduced by invoking the 'adv7842_cp_log_status' function in the ADV7842 video decoder driver. The function reads values from the CP block through the 'cp_read' and 'hdmi_read' functions. If either of these returns an error value, that value is used as an index to access arrays, causing an out-of-bounds read.
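The pattern described above, modelled in user-space C as an added example; this is not code from the ADV7842 driver or the kernel patch. The helper names, the lookup table and the sample register values are hypothetical, and the read helper is assumed to return a negative errno on failure.

```c
/* Added illustration: all names and the table are hypothetical, not driver code. */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define ARRAY_SIZE(a) (sizeof(a) / sizeof((a)[0]))

/* Constructed status table, indexed by a register value. */
static const char *const range_names[] = {
	"automatic", "limited", "full", "reserved"
};

/* Stand-in for a bus read: the register byte on success, a negative errno on failure. */
int mock_reg_read(int simulate_bus_error, unsigned char reg_value)
{
	return simulate_bus_error ? -EIO : reg_value;
}

/* Vulnerable pattern: the return value indexes the table unchecked, so -EIO
 * reads memory before the array. Shown for comparison only; never called here. */
const char *range_name_unchecked(int ret)
{
	return range_names[ret];
}

/* Hardened pattern: reject error returns and out-of-range values first. */
const char *range_name_checked(int ret)
{
	if (ret < 0)
		return "read error";
	if ((size_t)ret >= ARRAY_SIZE(range_names))
		return "invalid";
	return range_names[ret];
}

int main(void)
{
	/* Constructed inputs: good read, failed read, out-of-range value. */
	printf("%s\n", range_name_checked(mock_reg_read(0, 2)));
	printf("%s\n", range_name_checked(mock_reg_read(1, 2)));
	printf("%s\n", range_name_checked(mock_reg_read(0, 200)));
	return 0;
}
```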

Remediation

Users can upgrade to the latest version of the Linux kernel, where this vulnerability has been addressed. The patch is available in the Linux kernel stable tree.

Added: Jan 14, 2026, 3:30 PM
Updated: Jan 14, 2026, 4:40 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 3.1
exploitability: 3.9
remediation: 7.7
relevance: 2.0
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.