CVE-2025-39714
media: usbtv: Lock resolution while streaming
In the Linux kernel, the following vulnerability has been resolved:
media: usbtv: Lock resolution while streaming
When an program is streaming (ffplay) and another program (qv4l2)
changes the TV standard from NTSC to PAL, the kernel crashes due to trying
to copy to unmapped memory.
Changing from NTSC to PAL increases the resolution in the usbtv struct,
but the video plane buffer isn't adjusted, so it overflows.
[hverkuil: call vb2_is_busy instead of vb2_is_streaming]
Affected products
Linux · LinuxWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://cert-portal.siemens.com/productcert/html/ssa-032379.htmlhttps://git.kernel.org/stable/c/3d83d0b5ae5045a7a246ed116b5f6c688a12f9e9https://git.kernel.org/stable/c/5427dda195d6baf23028196fd55a0c90f66ffa61https://git.kernel.org/stable/c/7e40e0bb778907b2441bff68d73c3eb6b6cd319fhttps://git.kernel.org/stable/c/9f886d21e235c4bd038cb20f6696084304197ab3https://git.kernel.org/stable/c/c35e7c7a004ef379a1ae7c7486d4829419acad1dhttps://git.kernel.org/stable/c/c3d75524e10021aa5c223d94da4996640aed46c0https://git.kernel.org/stable/c/ee7bade8b9244834229b12b6e1e724939bedd484https://git.kernel.org/stable/c/ef9b3c22405192afaa279077ddd45a51db90b83dhttps://lists.debian.org/debian-lts-announce/2025/10/msg00007.htmlhttps://lists.debian.org/debian-lts-announce/2025/10/msg00008.html