CVE-2023-53812
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2023-53812, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-09

Last updated on: 2025-12-09

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix decoder disable pm crash Can't call pm_runtime_disable when the architecture support sub device for 'dev->pm.dev' is NUll, or will get below crash log. [ 10.771551] pc : _raw_spin_lock_irq+0x4c/0xa0 [ 10.771556] lr : __pm_runtime_disable+0x30/0x130 [ 10.771558] sp : ffffffc01e4cb800 [ 10.771559] x29: ffffffc01e4cb800 x28: ffffffdf082108a8 [ 10.771563] x27: ffffffc01e4cbd70 x26: ffffff8605df55f0 [ 10.771567] x25: 0000000000000002 x24: 0000000000000002 [ 10.771570] x23: ffffff85c0dc9c00 x22: 0000000000000001 [ 10.771573] x21: 0000000000000001 x20: 0000000000000000 [ 10.771577] x19: 00000000000000f4 x18: ffffffdf2e9fbe18 [ 10.771580] x17: 0000000000000000 x16: ffffffdf2df13c74 [ 10.771583] x15: 00000000000002ea x14: 0000000000000058 [ 10.771587] x13: ffffffdf2de1b62c x12: ffffffdf2e9e30e4 [ 10.771590] x11: 0000000000000000 x10: 0000000000000001 [ 10.771593] x9 : 0000000000000000 x8 : 00000000000000f4 [ 10.771596] x7 : 6bff6264632c6264 x6 : 0000000000008000 [ 10.771600] x5 : 0080000000000000 x4 : 0000000000000001 [ 10.771603] x3 : 0000000000000008 x2 : 0000000000000001 [ 10.771608] x1 : 0000000000000000 x0 : 00000000000000f4 [ 10.771613] Call trace: [ 10.771617] _raw_spin_lock_irq+0x4c/0xa0 [ 10.771620] __pm_runtime_disable+0x30/0x130 [ 10.771657] mtk_vcodec_probe+0x69c/0x728 [mtk_vcodec_dec 800cc929d6631f79f9b273254c8db94d0d3500dc] [ 10.771662] platform_drv_probe+0x9c/0xbc [ 10.771665] really_probe+0x13c/0x3a0 [ 10.771668] driver_probe_device+0x84/0xc0 [ 10.771671] device_driver_attach+0x54/0x78

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-09
Last Modified
2025-12-09
Generated
2026-07-06
AI Q&A
2025-12-09
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
mediatek mtk_vcodec *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability occurs in the Linux kernel's MediaTek video codec driver (vcodec). It happens because the code attempts to call pm_runtime_disable on a device whose power management sub-device pointer (dev->pm.dev) is NULL. This leads to a crash in the kernel, as shown by the provided crash log. The issue was fixed by correcting the handling of the decoder disable process to avoid calling pm_runtime_disable when the sub-device is not supported.

Impact Analysis

This vulnerability can cause the Linux kernel to crash when the MediaTek video codec driver tries to disable power management on a device with a NULL sub-device pointer. This crash can lead to system instability or downtime, potentially interrupting media decoding operations or other system functions relying on this driver.

Detection Guidance

This vulnerability can be detected by checking for crash logs related to the MediaTek vcodec decoder, specifically looking for kernel crash messages involving __pm_runtime_disable and mtk_vcodec_probe. You can use the command 'dmesg | grep -i pm_runtime_disable' or 'dmesg | grep -i mtk_vcodec' to search the kernel logs for relevant crash traces.

Mitigation Strategies

Immediate mitigation involves updating the Linux kernel to a version where this vulnerability is fixed, as the issue is resolved by correcting the pm_runtime_disable call in the MediaTek vcodec driver. Until an update is applied, avoid using the affected MediaTek vcodec decoder functionality to prevent triggering the crash.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53812. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart