CVE-2022-49247: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED If the callback 'start_streaming' fails, then all queued buffers in the driver should be returned with state 'VB2_BUF_STATE_QUEUED'. Currently, they are returned with 'VB2_BUF_STATE_ERROR' which is wrong. Fix this. This also fixes the warning: [ 65.583633] WARNING: CPU: 5 PID: 593 at drivers/media/common/videobuf2/videobuf2-core.c:1612 vb2_start_streaming+0xd4/0x160 [videobuf2_common] [ 65.585027] Modules linked in: snd_usb_audio snd_hwdep snd_usbmidi_lib snd_rawmidi snd_soc_hdmi_codec dw_hdmi_i2s_audio saa7115 stk1160 videobuf2_vmalloc videobuf2_memops videobuf2_v4l2 videobuf2_common videodev mc crct10dif_ce panfrost snd_soc_simple_card snd_soc_audio_graph_card snd_soc_spdif_tx snd_soc_simple_card_utils gpu_sched phy_rockchip_pcie snd_soc_rockchip_i2s rockchipdrm analogix_dp dw_mipi_dsi dw_hdmi cec drm_kms_helper drm rtc_rk808 rockchip_saradc industrialio_triggered_buffer kfifo_buf rockchip_thermal pcie_rockchip_host ip_tables x_tables ipv6 [ 65.589383] CPU: 5 PID: 593 Comm: v4l2src0:src Tainted: G W 5.16.0-rc4-62408-g32447129cb30-dirty #14 [ 65.590293] Hardware name: Radxa ROCK Pi 4B (DT) [ 65.590696] pstate: 80000005 (Nzcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 65.591304] pc : vb2_start_streaming+0xd4/0x160 [videobuf2_common] [ 65.591850] lr : vb2_start_streaming+0x6c/0x160 [videobuf2_common] [ 65.592395] sp : ffff800012bc3ad0 [ 65.592685] x29: ffff800012bc3ad0 x28: 0000000000000000 x27: ffff800012bc3cd8 [ 65.593312] x26: 0000000000000000 x25: ffff00000d8a7800 x24: 0000000040045612 [ 65.593938] x23: ffff800011323000 x22: ffff800012bc3cd8 x21: ffff00000908a8b0 [ 65.594562] x20: ffff00000908a8c8 x19: 00000000fffffff4 x18: ffffffffffffffff [ 65.595188] x17: 000000040044ffff x16: 00400034b5503510 x15: ffff800011323f78 [ 65.595813] x14: ffff000013163886 x13: ffff000013163885 x12: 00000000000002ce [ 65.596439] x11: 0000000000000028 x10: 0000000000000001 x9 : 0000000000000228 [ 65.597064] x8 : 0101010101010101 x7 : 7f7f7f7f7f7f7f7f x6 : fefefeff726c5e78 [ 65.597690] x5 : ffff800012bc3990 x4 : 0000000000000000 x3 : ffff000009a34880 [ 65.598315] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff000007cd99f0 [ 65.598940] Call trace: [ 65.599155] vb2_start_streaming+0xd4/0x160 [videobuf2_common] [ 65.599672] vb2_core_streamon+0x17c/0x1a8 [videobuf2_common] [ 65.600179] vb2_streamon+0x54/0x88 [videobuf2_v4l2] [ 65.600619] vb2_ioctl_streamon+0x54/0x60 [videobuf2_v4l2] [ 65.601103] v4l_streamon+0x3c/0x50 [videodev] [ 65.601521] __video_do_ioctl+0x1a4/0x428 [videodev] [ 65.601977] video_usercopy+0x320/0x828 [videodev] [ 65.602419] video_ioctl2+0x3c/0x58 [videodev] [ 65.602830] v4l2_ioctl+0x60/0x90 [videodev] [ 65.603227] __arm64_sys_ioctl+0xa8/0xe0 [ 65.603576] invoke_syscall+0x54/0x118 [ 65.603911] el0_svc_common.constprop.3+0x84/0x100 [ 65.604332] do_el0_svc+0x34/0xa0 [ 65.604625] el0_svc+0x1c/0x50 [ 65.604897] el0t_64_sync_handler+0x88/0xb0 [ 65.605264] el0t_64_sync+0x16c/0x170 [ 65.605587] ---[ end trace 578e0ba07742170d ]---
AI Analysis
Technical Summary
CVE-2022-49247 is a vulnerability identified in the Linux kernel's media subsystem, specifically within the stk1160 driver, which handles certain USB video capture devices. The flaw relates to the handling of buffer states when the 'start_streaming' callback fails during video streaming initialization. Normally, if 'start_streaming' fails, all queued buffers should be returned with the state 'VB2_BUF_STATE_QUEUED' to indicate they are still queued and can be retried or properly handled. However, due to this vulnerability, these buffers are incorrectly returned with the state 'VB2_BUF_STATE_ERROR'. This improper state handling can lead to incorrect error reporting and potentially unstable behavior in the video buffer management subsystem. The issue also triggers kernel warnings, as evidenced by the detailed kernel stack trace provided, which shows a warning in the videobuf2-core component during streaming start attempts. The vulnerability is rooted in the Linux kernel's videobuf2 framework, which is widely used for video capture and processing drivers. The affected Linux kernel versions include those with the specific commit hash '8ac456495a33d9466076fea94594181ceefb76d9', indicating a particular code state where this bug exists. While the vulnerability does not appear to allow direct code execution or privilege escalation, it can cause instability or denial of service conditions in systems using the affected driver, especially those relying on the stk1160 USB video capture hardware. No known exploits are reported in the wild, and no CVSS score has been assigned yet. The fix involves correcting the buffer state return logic to ensure buffers are marked as queued rather than error when streaming start fails, preventing kernel warnings and maintaining proper buffer lifecycle management.
Potential Impact
For European organizations, the impact of CVE-2022-49247 is primarily related to system stability and reliability rather than direct security breaches like data exfiltration or privilege escalation. Organizations using Linux systems with the affected kernel versions and stk1160-based USB video capture devices—commonly found in multimedia processing, video surveillance, or broadcasting environments—may experience application crashes or kernel warnings leading to service interruptions. This can degrade the availability of video streaming services or surveillance systems, which could be critical in sectors such as public safety, transportation, media, and industrial monitoring. While the vulnerability does not appear to expose sensitive data or allow unauthorized access, denial of service or system instability in critical video infrastructure could have operational consequences. Additionally, the kernel warnings and improper buffer handling could complicate troubleshooting and system maintenance. Given the widespread use of Linux in European IT infrastructure, especially in embedded and industrial systems, organizations should assess their exposure based on hardware and kernel versions in use.
Mitigation Recommendations
To mitigate CVE-2022-49247, European organizations should: 1) Identify Linux systems running affected kernel versions, particularly those utilizing the stk1160 driver or similar USB video capture devices. 2) Apply the official Linux kernel patches that correct the buffer state handling in the videobuf2 framework as soon as they become available from trusted sources or Linux distribution vendors. 3) If immediate patching is not possible, consider disabling or limiting the use of affected video capture hardware to reduce risk of instability. 4) Monitor system logs for kernel warnings related to videobuf2 or stk1160 to detect potential triggering of this issue. 5) Implement robust system monitoring and alerting to quickly identify and respond to any denial of service or instability events linked to video streaming components. 6) Engage with hardware vendors and Linux distribution maintainers to ensure timely updates and support. 7) For critical environments, conduct testing of updated kernels in staging before deployment to avoid regressions.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Sweden
CVE-2022-49247: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved: media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED If the callback 'start_streaming' fails, then all queued buffers in the driver should be returned with state 'VB2_BUF_STATE_QUEUED'. Currently, they are returned with 'VB2_BUF_STATE_ERROR' which is wrong. Fix this. This also fixes the warning: [ 65.583633] WARNING: CPU: 5 PID: 593 at drivers/media/common/videobuf2/videobuf2-core.c:1612 vb2_start_streaming+0xd4/0x160 [videobuf2_common] [ 65.585027] Modules linked in: snd_usb_audio snd_hwdep snd_usbmidi_lib snd_rawmidi snd_soc_hdmi_codec dw_hdmi_i2s_audio saa7115 stk1160 videobuf2_vmalloc videobuf2_memops videobuf2_v4l2 videobuf2_common videodev mc crct10dif_ce panfrost snd_soc_simple_card snd_soc_audio_graph_card snd_soc_spdif_tx snd_soc_simple_card_utils gpu_sched phy_rockchip_pcie snd_soc_rockchip_i2s rockchipdrm analogix_dp dw_mipi_dsi dw_hdmi cec drm_kms_helper drm rtc_rk808 rockchip_saradc industrialio_triggered_buffer kfifo_buf rockchip_thermal pcie_rockchip_host ip_tables x_tables ipv6 [ 65.589383] CPU: 5 PID: 593 Comm: v4l2src0:src Tainted: G W 5.16.0-rc4-62408-g32447129cb30-dirty #14 [ 65.590293] Hardware name: Radxa ROCK Pi 4B (DT) [ 65.590696] pstate: 80000005 (Nzcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 65.591304] pc : vb2_start_streaming+0xd4/0x160 [videobuf2_common] [ 65.591850] lr : vb2_start_streaming+0x6c/0x160 [videobuf2_common] [ 65.592395] sp : ffff800012bc3ad0 [ 65.592685] x29: ffff800012bc3ad0 x28: 0000000000000000 x27: ffff800012bc3cd8 [ 65.593312] x26: 0000000000000000 x25: ffff00000d8a7800 x24: 0000000040045612 [ 65.593938] x23: ffff800011323000 x22: ffff800012bc3cd8 x21: ffff00000908a8b0 [ 65.594562] x20: ffff00000908a8c8 x19: 00000000fffffff4 x18: ffffffffffffffff [ 65.595188] x17: 000000040044ffff x16: 00400034b5503510 x15: ffff800011323f78 [ 65.595813] x14: ffff000013163886 x13: ffff000013163885 x12: 00000000000002ce [ 65.596439] x11: 0000000000000028 x10: 0000000000000001 x9 : 0000000000000228 [ 65.597064] x8 : 0101010101010101 x7 : 7f7f7f7f7f7f7f7f x6 : fefefeff726c5e78 [ 65.597690] x5 : ffff800012bc3990 x4 : 0000000000000000 x3 : ffff000009a34880 [ 65.598315] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff000007cd99f0 [ 65.598940] Call trace: [ 65.599155] vb2_start_streaming+0xd4/0x160 [videobuf2_common] [ 65.599672] vb2_core_streamon+0x17c/0x1a8 [videobuf2_common] [ 65.600179] vb2_streamon+0x54/0x88 [videobuf2_v4l2] [ 65.600619] vb2_ioctl_streamon+0x54/0x60 [videobuf2_v4l2] [ 65.601103] v4l_streamon+0x3c/0x50 [videodev] [ 65.601521] __video_do_ioctl+0x1a4/0x428 [videodev] [ 65.601977] video_usercopy+0x320/0x828 [videodev] [ 65.602419] video_ioctl2+0x3c/0x58 [videodev] [ 65.602830] v4l2_ioctl+0x60/0x90 [videodev] [ 65.603227] __arm64_sys_ioctl+0xa8/0xe0 [ 65.603576] invoke_syscall+0x54/0x118 [ 65.603911] el0_svc_common.constprop.3+0x84/0x100 [ 65.604332] do_el0_svc+0x34/0xa0 [ 65.604625] el0_svc+0x1c/0x50 [ 65.604897] el0t_64_sync_handler+0x88/0xb0 [ 65.605264] el0t_64_sync+0x16c/0x170 [ 65.605587] ---[ end trace 578e0ba07742170d ]---
AI-Powered Analysis
Technical Analysis
CVE-2022-49247 is a vulnerability identified in the Linux kernel's media subsystem, specifically within the stk1160 driver, which handles certain USB video capture devices. The flaw relates to the handling of buffer states when the 'start_streaming' callback fails during video streaming initialization. Normally, if 'start_streaming' fails, all queued buffers should be returned with the state 'VB2_BUF_STATE_QUEUED' to indicate they are still queued and can be retried or properly handled. However, due to this vulnerability, these buffers are incorrectly returned with the state 'VB2_BUF_STATE_ERROR'. This improper state handling can lead to incorrect error reporting and potentially unstable behavior in the video buffer management subsystem. The issue also triggers kernel warnings, as evidenced by the detailed kernel stack trace provided, which shows a warning in the videobuf2-core component during streaming start attempts. The vulnerability is rooted in the Linux kernel's videobuf2 framework, which is widely used for video capture and processing drivers. The affected Linux kernel versions include those with the specific commit hash '8ac456495a33d9466076fea94594181ceefb76d9', indicating a particular code state where this bug exists. While the vulnerability does not appear to allow direct code execution or privilege escalation, it can cause instability or denial of service conditions in systems using the affected driver, especially those relying on the stk1160 USB video capture hardware. No known exploits are reported in the wild, and no CVSS score has been assigned yet. The fix involves correcting the buffer state return logic to ensure buffers are marked as queued rather than error when streaming start fails, preventing kernel warnings and maintaining proper buffer lifecycle management.
Potential Impact
For European organizations, the impact of CVE-2022-49247 is primarily related to system stability and reliability rather than direct security breaches like data exfiltration or privilege escalation. Organizations using Linux systems with the affected kernel versions and stk1160-based USB video capture devices—commonly found in multimedia processing, video surveillance, or broadcasting environments—may experience application crashes or kernel warnings leading to service interruptions. This can degrade the availability of video streaming services or surveillance systems, which could be critical in sectors such as public safety, transportation, media, and industrial monitoring. While the vulnerability does not appear to expose sensitive data or allow unauthorized access, denial of service or system instability in critical video infrastructure could have operational consequences. Additionally, the kernel warnings and improper buffer handling could complicate troubleshooting and system maintenance. Given the widespread use of Linux in European IT infrastructure, especially in embedded and industrial systems, organizations should assess their exposure based on hardware and kernel versions in use.
Mitigation Recommendations
To mitigate CVE-2022-49247, European organizations should: 1) Identify Linux systems running affected kernel versions, particularly those utilizing the stk1160 driver or similar USB video capture devices. 2) Apply the official Linux kernel patches that correct the buffer state handling in the videobuf2 framework as soon as they become available from trusted sources or Linux distribution vendors. 3) If immediate patching is not possible, consider disabling or limiting the use of affected video capture hardware to reduce risk of instability. 4) Monitor system logs for kernel warnings related to videobuf2 or stk1160 to detect potential triggering of this issue. 5) Implement robust system monitoring and alerting to quickly identify and respond to any denial of service or instability events linked to video streaming components. 6) Engage with hardware vendors and Linux distribution maintainers to ensure timely updates and support. 7) For critical environments, conduct testing of updated kernels in staging before deployment to avoid regressions.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Linux
- Date Reserved
- 2025-02-26T01:49:39.295Z
- Cisa Enriched
- false
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 682d982dc4522896dcbe5412
Added to database: 5/21/2025, 9:09:01 AM
Last enriched: 6/30/2025, 4:42:32 AM
Last updated: 7/31/2025, 2:59:23 PM
Views: 12
Related Threats
CVE-2025-8840: Improper Authorization in jshERP
MediumCVE-2025-8853: CWE-290 Authentication Bypass by Spoofing in 2100 Technology Official Document Management System
CriticalCVE-2025-8838: Improper Authentication in WinterChenS my-site
MediumCVE-2025-8837: Use After Free in JasPer
MediumCVE-2025-8661: Vulnerability in Broadcom Symantec PGP Encryption
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.