vulnerability

Ubuntu: (Multiple Advisories) (CVE-2025-22028): Linux kernel vulnerabilities

Try Surface Command
Back to search
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
Apr 16, 2025
Added
Jun 26, 2025
Modified
Jan 13, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

media: vimc: skip .s_stream() for stopped entities

Syzbot reported [1] a warning prompted by a check in call_s_stream()
that checks whether .s_stream() operation is warranted for unstarted
or stopped subdevs.

Add a simple fix in vimc_streamer_pipeline_terminate() ensuring that
entities skip a call to .s_stream() unless they have been previously
properly started.

[1] Syzbot report:
------------[ cut here ]------------
WARNING: CPU: 0 PID: 5933 at drivers/media/v4l2-core/v4l2-subdev.c:460 call_s_stream+0x2df/0x350 drivers/media/v4l2-core/v4l2-subdev.c:460
Modules linked in:
CPU: 0 UID: 0 PID: 5933 Comm: syz-executor330 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0
...
Call Trace:
<TASK>
vimc_streamer_pipeline_terminate+0x218/0x320 drivers/media/test-drivers/vimc/vimc-streamer.c:62
vimc_streamer_pipeline_init drivers/media/test-drivers/vimc/vimc-streamer.c:101 [inline]
vimc_streamer_s_stream+0x650/0x9a0 drivers/media/test-drivers/vimc/vimc-streamer.c:203
vimc_capture_start_streaming+0xa1/0x130 drivers/media/test-drivers/vimc/vimc-capture.c:256
vb2_start_streaming+0x15f/0x5a0 drivers/media/common/videobuf2/videobuf2-core.c:1789
vb2_core_streamon+0x2a7/0x450 drivers/media/common/videobuf2/videobuf2-core.c:2348
vb2_streamon drivers/media/common/videobuf2/videobuf2-v4l2.c:875 [inline]
vb2_ioctl_streamon+0xf4/0x170 drivers/media/common/videobuf2/videobuf2-v4l2.c:1118
__video_do_ioctl+0xaf0/0xf00 drivers/media/v4l2-core/v4l2-ioctl.c:3122
video_usercopy+0x4d2/0x1620 drivers/media/v4l2-core/v4l2-ioctl.c:3463
v4l2_ioctl+0x1ba/0x250 drivers/media/v4l2-core/v4l2-dev.c:366
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:906 [inline]
__se_sys_ioctl fs/ioctl.c:892 [inline]
__x64_sys_ioctl+0x190/0x200 fs/ioctl.c:892
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f2b85c01b19
...

Solutions

ubuntu-upgrade-linux-image-6-11-0-1011-realtimeubuntu-upgrade-linux-image-6-11-0-1014-raspiubuntu-upgrade-linux-image-6-11-0-1015-awsubuntu-upgrade-linux-image-6-11-0-1015-lowlatencyubuntu-upgrade-linux-image-6-11-0-1015-lowlatency-64kubuntu-upgrade-linux-image-6-11-0-1016-gcpubuntu-upgrade-linux-image-6-11-0-1016-gcp-64kubuntu-upgrade-linux-image-6-11-0-1017-oracleubuntu-upgrade-linux-image-6-11-0-1017-oracle-64kubuntu-upgrade-linux-image-6-11-0-1018-azureubuntu-upgrade-linux-image-6-11-0-1018-azure-fdeubuntu-upgrade-linux-image-6-11-0-1024-oemubuntu-upgrade-linux-image-6-11-0-28-genericubuntu-upgrade-linux-image-6-11-0-28-generic-64kubuntu-upgrade-linux-image-6-14-0-1004-realtimeubuntu-upgrade-linux-image-6-14-0-1007-awsubuntu-upgrade-linux-image-6-14-0-1007-aws-64kubuntu-upgrade-linux-image-6-14-0-1007-azureubuntu-upgrade-linux-image-6-14-0-1007-azure-fdeubuntu-upgrade-linux-image-6-14-0-1007-oracleubuntu-upgrade-linux-image-6-14-0-1007-oracle-64kubuntu-upgrade-linux-image-6-14-0-1007-raspiubuntu-upgrade-linux-image-6-14-0-1008-gcpubuntu-upgrade-linux-image-6-14-0-1008-gcp-64kubuntu-upgrade-linux-image-6-14-0-22-genericubuntu-upgrade-linux-image-6-14-0-22-generic-64kubuntu-upgrade-linux-image-6-8-0-1025-gkeopubuntu-upgrade-linux-image-6-8-0-1029-azure-nvidiaubuntu-upgrade-linux-image-6-8-0-1038-gkeubuntu-upgrade-linux-image-6-8-0-1038-gke-64kubuntu-upgrade-linux-image-6-8-0-1038-oracleubuntu-upgrade-linux-image-6-8-0-1038-oracle-64kubuntu-upgrade-linux-image-6-8-0-1039-ibmubuntu-upgrade-linux-image-6-8-0-1041-awsubuntu-upgrade-linux-image-6-8-0-1041-aws-64kubuntu-upgrade-linux-image-6-8-0-1041-azureubuntu-upgrade-linux-image-6-8-0-1041-nvidiaubuntu-upgrade-linux-image-6-8-0-1041-nvidia-64kubuntu-upgrade-linux-image-6-8-0-1041-nvidia-lowlatencyubuntu-upgrade-linux-image-6-8-0-1041-nvidia-lowlatency-64kubuntu-upgrade-linux-image-6-8-0-1041-raspiubuntu-upgrade-linux-image-6-8-0-1042-gcpubuntu-upgrade-linux-image-6-8-0-1042-gcp-64kubuntu-upgrade-linux-image-6-8-0-1044-azure-fipsubuntu-upgrade-linux-image-6-8-0-2032-raspi-realtimeubuntu-upgrade-linux-image-6-8-0-86-genericubuntu-upgrade-linux-image-6-8-0-86-generic-64kubuntu-upgrade-linux-image-6-8-0-86-lowlatencyubuntu-upgrade-linux-image-6-8-0-86-lowlatency-64kubuntu-upgrade-linux-image-6-8-1-1036-realtimeubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-aws-6-8ubuntu-upgrade-linux-image-aws-64kubuntu-upgrade-linux-image-aws-64k-6-8ubuntu-upgrade-linux-image-aws-64k-lts-24-04ubuntu-upgrade-linux-image-aws-lts-24-04ubuntu-upgrade-linux-image-azureubuntu-upgrade-linux-image-azure-6-11ubuntu-upgrade-linux-image-azure-6-8ubuntu-upgrade-linux-image-azure-fdeubuntu-upgrade-linux-image-azure-fde-6-11ubuntu-upgrade-linux-image-azure-fde-edgeubuntu-upgrade-linux-image-azure-fipsubuntu-upgrade-linux-image-azure-fips-6-8ubuntu-upgrade-linux-image-azure-lts-24-04ubuntu-upgrade-linux-image-azure-nvidia-6-8ubuntu-upgrade-linux-image-azure-nvidia-lts-24-04ubuntu-upgrade-linux-image-gcpubuntu-upgrade-linux-image-gcp-6-8ubuntu-upgrade-linux-image-gcp-64kubuntu-upgrade-linux-image-gcp-64k-6-8ubuntu-upgrade-linux-image-gcp-64k-lts-24-04ubuntu-upgrade-linux-image-gcp-lts-24-04ubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-6-8ubuntu-upgrade-linux-image-generic-64kubuntu-upgrade-linux-image-generic-64k-6-8ubuntu-upgrade-linux-image-generic-64k-hwe-22-04ubuntu-upgrade-linux-image-generic-64k-hwe-24-04ubuntu-upgrade-linux-image-generic-hwe-22-04ubuntu-upgrade-linux-image-generic-hwe-24-04ubuntu-upgrade-linux-image-generic-lpaeubuntu-upgrade-linux-image-gkeubuntu-upgrade-linux-image-gke-6-8ubuntu-upgrade-linux-image-gke-64kubuntu-upgrade-linux-image-gke-64k-6-8ubuntu-upgrade-linux-image-gkeopubuntu-upgrade-linux-image-gkeop-6-8ubuntu-upgrade-linux-image-ibmubuntu-upgrade-linux-image-ibm-6-8ubuntu-upgrade-linux-image-ibm-classicubuntu-upgrade-linux-image-ibm-lts-24-04ubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-6-11ubuntu-upgrade-linux-image-lowlatency-6-8ubuntu-upgrade-linux-image-lowlatency-64kubuntu-upgrade-linux-image-lowlatency-64k-6-11ubuntu-upgrade-linux-image-lowlatency-64k-6-8ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04ubuntu-upgrade-linux-image-lowlatency-64k-hwe-24-04ubuntu-upgrade-linux-image-lowlatency-hwe-22-04ubuntu-upgrade-linux-image-lowlatency-hwe-24-04ubuntu-upgrade-linux-image-nvidiaubuntu-upgrade-linux-image-nvidia-6-8ubuntu-upgrade-linux-image-nvidia-64kubuntu-upgrade-linux-image-nvidia-64k-6-8ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04ubuntu-upgrade-linux-image-nvidia-hwe-22-04ubuntu-upgrade-linux-image-nvidia-lowlatencyubuntu-upgrade-linux-image-nvidia-lowlatency-6-8ubuntu-upgrade-linux-image-nvidia-lowlatency-64kubuntu-upgrade-linux-image-nvidia-lowlatency-64k-6-8ubuntu-upgrade-linux-image-oem-22-04ubuntu-upgrade-linux-image-oem-22-04aubuntu-upgrade-linux-image-oem-22-04bubuntu-upgrade-linux-image-oem-22-04cubuntu-upgrade-linux-image-oem-22-04dubuntu-upgrade-linux-image-oem-24-04bubuntu-upgrade-linux-image-oracleubuntu-upgrade-linux-image-oracle-6-8ubuntu-upgrade-linux-image-oracle-64kubuntu-upgrade-linux-image-oracle-64k-6-8ubuntu-upgrade-linux-image-oracle-64k-lts-24-04ubuntu-upgrade-linux-image-oracle-lts-24-04ubuntu-upgrade-linux-image-raspiubuntu-upgrade-linux-image-raspi-6-8ubuntu-upgrade-linux-image-raspi-realtimeubuntu-upgrade-linux-image-raspi-realtime-6-8ubuntu-upgrade-linux-image-realtimeubuntu-upgrade-linux-image-realtime-6-8-1ubuntu-upgrade-linux-image-realtime-hwe-22-04ubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-6-8ubuntu-upgrade-linux-image-virtual-hwe-22-04ubuntu-upgrade-linux-image-virtual-hwe-24-04

References

    Title
    NEW

    Explore Exposure Command

    Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

    Try it today