drm/mediatek: Clean dangling pointer on bind error path
CVE-2023-53388

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
18 September 2025

What is CVE-2023-53388?

In the Linux kernel, the following vulnerability has been resolved:

drm/mediatek: Clean dangling pointer on bind error path

mtk_drm_bind() can fail, in which case drm_dev_put() is called, destroying the drm_device object. However a pointer to it was still being held in the private object, and that pointer would be passed along to DRM in mtk_drm_sys_prepare() if a suspend were triggered at that point, resulting in a panic. Clean the pointer when destroying the object in the error path to prevent this from happening.

Affected Version(s)

Linux 119f5173628aa7a0c3cf9db83460d40709e8241d < 9a48f99aa7bea15e0b1d8b0040c46b4792eddf3b

Linux 119f5173628aa7a0c3cf9db83460d40709e8241d

Linux 119f5173628aa7a0c3cf9db83460d40709e8241d < 6a89ddee1686a8872384aaa9f0bcfa6b675acd86

References

https://git.kernel.org/stable/c/9a48f99aa7bea15e0b1d8b004...
https://git.kernel.org/stable/c/a161f1d92aabb3b8463f752bd...
https://git.kernel.org/stable/c/6a89ddee1686a8872384aaa9f...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2023-53388 : Dangling Pointer Vulnerability in Linux Kernel's MediaTek DRM Component