Use-After-Free Issue in MediaTek Drivers Affecting Linux Kernel
CVE-2023-53854

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 9 December 2025

What is CVE-2023-53854?

A use-after-free vulnerability has been identified in the MediaTek MT8186 audio driver within the Linux kernel. This issue stems from improper handling of resource deallocation in the driver removal path, particularly due to incorrect sequencing of cleanup calls. When the driver is removed, specific cleanup functions were called in the wrong order, leading to potential memory access violations and leaks. This vulnerability can impact system stability and security, emphasizing the importance of correctly utilizing resource management functions in driver development.

Affected Version(s)

Linux 55b423d5623ccd6785429431c2cf5f3e073b73ba < 3e56a1c04882852e3e7d6c59756a16211ebbc457

Linux 55b423d5623ccd6785429431c2cf5f3e073b73ba

References

https://git.kernel.org/stable/c/3e56a1c04882852e3e7d6c597...

https://git.kernel.org/stable/c/dffd9e2b57cb845930fa885aa...

https://git.kernel.org/stable/c/a93d2afd3f77a7331271a0f25...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 9, 2025
Vulnerability Reserved
Dec 9, 2025

JSON