| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 2 Jun 2021 18:09:43 +0300 (MSK)
From: Alexander Monakov <amonakov@...ras.ru>
To: Laurent Pinchart <laurent.pinchart@...asonboard.com>
cc: linux-media@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Kernel oops when unplugging UVC webcam
Hello!
My laptop has a "hardwired" button that disconnects its webcam from USB.
I've noticed the following kernel NULL pointer dereference when unplugging
the webcam that way while an application is grabbing frames:
usb 1-1.4: USB disconnect, device number 3
uvcvideo 1-1.4:1.1: Failed to resubmit video URB (-19).
BUG: kernel NULL pointer dereference, address: 0000000000000000
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 0 P4D 0
Oops: 0000 [#1] SMP
CPU: 4 PID: 3335 Comm: mpv/demux Not tainted 5.12.2 #73
Hardware name: Micro-Star International Co., Ltd. GE60 0NC/MS-16GA, BIOS E16GAIMS.105 03/28/2012
RIP: 0010:usb_ifnum_to_if+0x35/0x50
Code: [snip]
[snip registers]
Call Trace:
usb_set_interface+0x2c/0x280
uvc_video_stop_streaming+0x2f/0x80
uvc_stop_streaming+0x16/0x40
__vb2_queue_cancel+0x23/0x1e0
vb2_core_queue_release+0x1a/0x40
uvc_queue_release+0x1d/0x30
uvc_v4l2_release+0x9d/0xd0
v4l2_release+0xaa/0xb0
__fput+0x84/0x220
task_work_run+0x57/0x90
exit_to_user_mode_prepare+0x100/0x110
syscall_exit_to_user_mode+0x1d/0x40
entry_SYSCALL_64_after_hwframe+0x44/0xae
This does not seem to be reproducible, so perhaps a race is involved.
Complete dmesg is attached.
Thanks.
Alexander
View attachment "dmesg" of type "text/plain" (64809 bytes)
Powered by blists - more mailing lists