Description

In the Linux kernel, the following vulnerability has been resolved: staging: bcm2835-camera: Initialise dev in v4l2_dev Commit 42a2f6664e18 ("staging: vc04_services: Move global g_state to vchiq_state") changed mmal_init to pass dev->v4l2_dev.dev to vchiq_mmal_init, however nothing iniitialised dev->v4l2_dev, so we got a NULL pointer dereference. Set dev->v4l2_dev.dev during bcm2835_mmal_probe. The device pointer could be passed into v4l2_device_register to set it, however that also has other effects that would need additional changes.

INFO

Published Date :

2025-05-20T16:47:17.879Z

Last Modified :

2025-05-26T05:24:50.702Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-37971 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-37971.

URL Resource
https://git.kernel.org/stable/c/06753f49336ab161ea0e249a0720125b81b7b31b cve-icon cve-icon
https://git.kernel.org/stable/c/98698ca0e58734bc5c1c24e5bbc7429f981cd186 cve-icon cve-icon
https://git.kernel.org/stable/c/b70bdd4923e8b8edbacde2af83ca337bb7005261 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025052045-CVE-2025-37971-87dd@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-37971 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-37971 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact