CVE-2023-54147

medium

Description

In the Linux kernel, the following vulnerability has been resolved: media: platform: mtk-mdp3: Add missing check and free for ida_alloc Add the check for the return value of the ida_alloc in order to avoid NULL pointer dereference. Moreover, free allocated "ctx->id" if mdp_m2m_open fails later in order to avoid memory leak.

References

https://git.kernel.org/stable/c/d00f592250782538cda87745607695b0fe27dcd4

https://git.kernel.org/stable/c/51fc1880e47421ee7b192372e8e86b7bbba40776

https://git.kernel.org/stable/c/4c173a65a2b1cc0556c3f6f0bab82e4fdb449522

https://git.kernel.org/stable/c/22b72cad501fb75500cc60af4d92de3066fb6fc2

Details

Source: Mitre, NVD

Published: 2025-12-24

Updated: 2025-12-24

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00018