Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Media: MediTech; vcodec: Fixed the VP8 stateless decoder’s “smatch” warning. A “smatch” static checker warning was also fixed in vdecvp8reqif.c. This issue causes the kernel to crash when fb is set to NULL...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Media: MediTech; vcodec: Fixed the H264 multi-stateless decoder’s match warning. A match static checker warning has been fixed in vdech264reqmultiif.c. This issue causes the kernel to crash when fb is NULL...

DEBIAN-CVE-2026-31584

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix use-after-free in encoder release path The fopsvcodecrelease function frees the context structure ctx without first cancelling any pending or running work in ctx-encodework. This creates a race window...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the reuse of the release path after the encoder release in the media mediatek vcodec modul...

CVE-2023-53748

The CVE-2023-53748 entry concerns a Linux kernel issue in media: mediatek: vcodec where an array bounds check was missing in decoder queue_setup. The vulnerability arises because *nplanes is user-provided and can range up to 8, while q_data->fmt->num_planes is 1–3; an index i could access b...

EUVD-2016-4813

Malware in sbrugna...

EUVD-2016-4825

Malware in sbrugna...

EUVD-2017-0886

Malware in sbrugna...

EUVD-2016-9244

Malware in sbrugna...

EUVD-2016-4950

Malware in sbrugna...

EUVD-2017-0971

Malware in sbrugna...

EUVD-2016-4949

Malware in sbrugna...

EUVD-2017-1096

Malware in sbrugna...

EUVD-2016-4941

Malware in sbrugna...

EUVD-2016-4812

Malware in sbrugna...

CVE-2023-53425 media: platform: mediatek: vpu: fix NULL ptr dereference

In the Linux kernel, the following vulnerability has been resolved: media: platform: mediatek: vpu: fix NULL ptr dereference If pdev is NULL, then it is still dereferenced. This fixes this smatch warning: drivers/media/platform/mediatek/vpu/mtkvpu.c:570 vpuloadfirmware warn: address of NULL point...

CVE-2022-50383 media: mediatek: vcodec: Can't set dst buffer to done when lat decode error

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Can't set dst buffer to done when lat decode error Core thread will call v4l2m2mbufdone to set dst buffer done for lat architecture. If lat call v4l2m2mbufdoneandjobfinish to free dst buffer when lat deco...

CVE-2022-50383

The CVE-2022-50383 vulnerability affects the Linux kernel media: mediatek: vcodec path. It describes a fix for a race/NULL pointer dereference when latency decoding errors cause the core thread to call v4l2_m2m_buf_done_and_job_finish and free the dst buffer, potentially triggering a NULL pointer...

media: mtk-vcodec: potential null pointer deference in SCP

...

SUSE-SU-2025:02254-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL bsc1228557. - CVE-2024-49568: net/smc: check v2extoffset/eidcnt/ismgidcnt when...