CVE-2023-53425
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-09-18
Last updated on: 2025-12-11
Assigner: kernel.org
Description
Description
In the Linux kernel, the following vulnerability has been resolved:
media: platform: mediatek: vpu: fix NULL ptr dereference
If pdev is NULL, then it is still dereferenced.
This fixes this smatch warning:
drivers/media/platform/mediatek/vpu/mtk_vpu.c:570 vpu_load_firmware() warn: address of NULL pointer 'pdev'
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | to 4.14.324 (exc) |
| linux | linux_kernel | From 4.15 (inc) to 4.19.293 (exc) |
| linux | linux_kernel | From 4.20 (inc) to 5.4.255 (exc) |
| linux | linux_kernel | From 5.5 (inc) to 5.10.192 (exc) |
| linux | linux_kernel | From 5.11 (inc) to 5.15.128 (exc) |
| linux | linux_kernel | From 5.16 (inc) to 6.1.47 (exc) |
| linux | linux_kernel | From 6.2 (inc) to 6.4.12 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a NULL pointer dereference in the Linux kernel's MediaTek VPU platform driver. Specifically, if the 'pdev' pointer is NULL, the code still dereferences it, which can lead to a crash or unexpected behavior.
How can this vulnerability impact me? :
This vulnerability can cause the affected system to crash or behave unpredictably due to the NULL pointer dereference, potentially leading to denial of service or system instability.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70