media: platform: mediatek: vpu: fix NULL ptr dereference
CVE-2023-53425

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
18 September 2025

What is CVE-2023-53425?

In the Linux kernel, the following vulnerability has been resolved:

media: platform: mediatek: vpu: fix NULL ptr dereference

If pdev is NULL, then it is still dereferenced.

This fixes this smatch warning:

drivers/media/platform/mediatek/vpu/mtk_vpu.c:570 vpu_load_firmware() warn: address of NULL pointer 'pdev'

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 099e929e7477f37ca16738fc158d7101c0189ca1

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 1b3f25d3894a091abc247eadab266a2c9be64389

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

References

https://git.kernel.org/stable/c/099e929e7477f37ca16738fc1...
https://git.kernel.org/stable/c/1b3f25d3894a091abc247eada...
https://git.kernel.org/stable/c/c1c5826223ae05a48d21f6708...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2023-53425 : NULL Pointer Dereference in MediaTek VPU on Linux Kernel