Linux Kernel Wave5 Media Component Kernel Panic Vulnerability

A vulnerability in the Linux kernel's media subsystem, specifically within the Chips Media Wave5 component, can lead to a kernel panic. This issue arises when the system enters suspend mode, causing a timeout in the autosuspend delay. The kernel panic, triggered by an asynchronous SError interrupt, disrupts normal operations and can be challenging to diagnose. The problem was observed on a Texas Instruments J721S2 EVM while testing the Fluster tool.

Impact

Exploitation of this vulnerability causes a kernel panic, halting the system by not syncing and leaving secondary CPUs in a stopped state.

Reproduction

The vulnerability can be reproduced by using the V4L2 (Video for Linux 2) H.265 decoder in a media pipeline. This can be done by sending a video stream to the decoder while the system is set to automatically suspend after a short delay. The combination of the stream processing and the premature suspension triggers the kernel panic.

Remediation

The vulnerability has been fixed in the Linux kernel. Users can upgrade to the latest version of the stable Linux kernel to address this issue.