CVE-2022-50826

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ipu3-imgu: Fix NULL pointer dereference in imgu_subdev_set_selection()<br /> <br /> Calling v4l2_subdev_get_try_crop() and v4l2_subdev_get_try_compose()<br /> with a subdev state of NULL leads to a NULL pointer dereference. This<br /> can currently happen in imgu_subdev_set_selection() when the state<br /> passed in is NULL, as this method first gets pointers to both the "try"<br /> and "active" states and only then decides which to use.<br /> <br /> The same issue has been addressed for imgu_subdev_get_selection() with<br /> commit 30d03a0de650 ("ipu3-imgu: Fix NULL pointer dereference in active<br /> selection access"). However the issue still persists in<br /> imgu_subdev_set_selection().<br /> <br /> Therefore, apply a similar fix as done in the aforementioned commit to<br /> imgu_subdev_set_selection(). To keep things a bit cleaner, introduce<br /> helper functions for "crop" and "compose" access and use them in both<br /> imgu_subdev_set_selection() and imgu_subdev_get_selection().