This series primarily adds check at relevant places in venus driver where there are possible OOB accesses due to unexpected payload from venus firmware. The patches describes the specific OOB possibility. Signed-off-by: Vedang Nagar <quic_vnagar@xxxxxxxxxxx> --- Changes in v2: - Decompose sequence change event function. - Fix repopulating the packet .with the first read during read_queue. - Link to v1: https://lore.kernel.org/r/20250104-venus-security-fixes-v1-0-9d0dd4594cb4@xxxxxxxxxxx --- Vedang Nagar (2): media: venus: fix OOB read issue due to double read media: venus: fix OOB access issue while reading sequence changed events drivers/media/platform/qcom/venus/hfi_msgs.c | 72 +++++++++++++++++++++++---- drivers/media/platform/qcom/venus/hfi_venus.c | 1 + 2 files changed, 63 insertions(+), 10 deletions(-) --- base-commit: 91e71d606356e50f238d7a87aacdee4abc427f07 change-id: 20241211-venus-security-fixes-50c22e2564d5 Best regards, -- Vedang Nagar <quic_vnagar@xxxxxxxxxxx>
