Description
In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi_parser: refactor hfi packet parsing logic words_count denotes the number of words in total payload, while data points to payload of various property within it. When words_count reaches last word, data can access memory beyond the total payload. This can lead to OOB access. With this patch, the utility api for handling individual properties now returns the size of data consumed. Accordingly remaining bytes are calculated before parsing the payload, thereby eliminates the OOB access possibilities.
References (10)
Core 10
Core References
Scores
CVSS v3
7.1
EPSS
0.0008
EPSS Percentile
23.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Details
CWE
CWE-125
Status
published
Products (9)
debian/debian_linux
11.0
linux/Kernel
4.19.0 - 5.10.237linux
linux/Kernel
5.11.0 - 5.15.181linux
linux/Kernel
5.16.0 - 6.1.135linux
linux/Kernel
6.13.0 - 6.13.12linux
linux/Kernel
6.14.0 - 6.14.3linux
linux/Kernel
6.2.0 - 6.6.88linux
linux/Kernel
6.7.0 - 6.12.24linux
linux/linux_kernel
4.19 - 5.10.237
Published
May 01, 2025
Tracked Since
Feb 18, 2026