From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4F568330D4C for ; Fri, 8 May 2026 13:14:47 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1778246087; cv=none; b=DqhptlTh1Is/CuhwsYRphDXYeIM4/309BFccbeKgr07IeXrDXSFfgc8KeTYofXbeD+mtiH7hU3JzVJUR+aDS9kDE5Eys3GTZg7fZpHexpjH2ngc8DoJyissfz2Y3qI+lZSG9eOQiGkzdiFhfZzaJ44NuBu2ufVNXmvAZCCYSVVs= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1778246087; c=relaxed/simple; bh=DUR0MFnD3KRfq54M1O0AmFSYL66CzRj0LILWmr5TalI=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=Ecgv+7BI4QpbbMDTeN+QR6RUgNTlJNc9rFluA+3wEibU4rvNOAg9MJtcsnxbVf8kkw+PSVE2TpUhXFabpTMTpfVdGFTTsmOSekwWPnxbZtZgMG7s7Z9oWP2/hPw3BFHv9+SOLEP/d4uiJLVQMfEP16xUVPlpk0D/LwUn4lo87aQ= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b=DLKMZYRU; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b="DLKMZYRU" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 8F90AC2BCB0; Fri, 8 May 2026 13:14:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1778246086; bh=DUR0MFnD3KRfq54M1O0AmFSYL66CzRj0LILWmr5TalI=; h=From:To:Cc:Subject:Date:Reply-To:From; b=DLKMZYRUjAZQrB1LY9r+cOnzJfssJFEgJw9UyKh/uTzLd2256zVSBwjpZ+OKqe8xy Fu/XtDXi6PcFisD/8UiHNYNO7EUrXYuFeS4VTx/978lznT4tNYPuesUQOa22RMJt2E yyu6bpacNTJUfcQ0fykT+MVZvTZpbcRAlLBRyxTU= From: Greg Kroah-Hartman To: linux-cve-announce@vger.kernel.org Cc: Greg Kroah-Hartman Subject: CVE-2026-43310: media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC Date: Fri, 8 May 2026 15:12:15 +0200 Message-ID: <2026050859-CVE-2026-43310-4485@gregkh> X-Mailer: git-send-email 2.54.0 Reply-To: , Precedence: bulk X-Mailing-List: linux-cve-announce@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=2522; i=gregkh@linuxfoundation.org; h=from:subject:message-id; bh=Mp0BLN5N6oSqc43rVKLbSCL8fqR6i+F0TV65K+aPAow=; b=owGbwMvMwCRo6H6F97bub03G02pJDJl/HyqsmO7JepwzU5nL9kXJjfcZUjL1nOZy9pvXf+F9U Rumc7SwI5aFQZCJQVZMkeXLNp6j+ysOKXoZ2p6GmcPKBDKEgYtTACZyPplhwUqdKQdz15ouWX1R R/zcpss3RQStlzDMMziveuma00WWfuW3Ew+reV0X26EgDgA= X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Content-Transfer-Encoding: 8bit From: Greg Kroah-Hartman Description =========== In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC For the i.MX8MQ platform, there is a hardware limitation: the g1 VPU and g2 VPU cannot decode simultaneously; otherwise, it will cause below bus error and produce corrupted pictures, even potentially lead to system hang. [ 110.527986] hantro-vpu 38310000.video-codec: frame decode timed out. [ 110.583517] hantro-vpu 38310000.video-codec: bus error detected. Therefore, it is necessary to ensure that g1 and g2 operate alternately. This allows for successful multi-instance decoding of H.264 and HEVC. To achieve this, g1 and g2 share the same v4l2_m2m_dev, and then the v4l2_m2m_dev can handle the scheduling. The Linux kernel CVE team has assigned CVE-2026-43310 to this issue. Affected and fixed versions =========================== Issue introduced in 5.14 with commit cb5dd5a0fa518dff14ff2b90837c3c8f98f4dd5c and fixed in 6.19.6 with commit 286d629d10640bc22f3bf46aa4f356eb7975e862 Issue introduced in 5.14 with commit cb5dd5a0fa518dff14ff2b90837c3c8f98f4dd5c and fixed in 7.0 with commit e0203ddf9af7c8e170e1e99ce83b4dc07f0cd765 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2026-43310 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/media/platform/verisilicon/hantro.h drivers/media/platform/verisilicon/hantro_drv.c drivers/media/platform/verisilicon/imx8m_vpu_hw.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/286d629d10640bc22f3bf46aa4f356eb7975e862 https://git.kernel.org/stable/c/e0203ddf9af7c8e170e1e99ce83b4dc07f0cd765