429 matches found
CVE-2023-54147
In the Linux kernel, the following vulnerability has been resolved: media: platform: mtk-mdp3: Add missing check and free for idaalloc Add the check for the return value of the idaalloc in order to avoid NULL pointer dereference. Moreover, free allocated "ctx-id" if mdpm2mopen fails later in orde...
CVE-2023-54103
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
UBUNTU-CVE-2023-54147
In the Linux kernel, the following vulnerability has been resolved: media: platform: mtk-mdp3: Add missing check and free for idaalloc Add the check for the return value of the idaalloc in order to avoid NULL pointer dereference. Moreover, free allocated "ctx-id" if mdpm2mopen fails later in orde...
CVE-2023-54147 media: platform: mtk-mdp3: Add missing check and free for ida_alloc
In the Linux kernel, the following vulnerability has been resolved: media: platform: mtk-mdp3: Add missing check and free for idaalloc Add the check for the return value of the idaalloc in order to avoid NULL pointer dereference. Moreover, free allocated "ctx-id" if mdpm2mopen fails later in orde...
CVE-2023-54147
CVE-2023-54147 affects the Linux kernel component media: platform: mtk-mdp3. The root cause is a missing check of the return value from ida_alloc, which could lead to a NULL pointer dereference. The patch also ensures that the allocated ctx->id is freed if mdp_m2m_open fails later, preventing ...
CVE-2023-54147 media: platform: mtk-mdp3: Add missing check and free for ida_alloc
In the Linux kernel, the following vulnerability has been resolved: media: platform: mtk-mdp3: Add missing check and free for idaalloc Add the check for the return value of the idaalloc in order to avoid NULL pointer dereference. Moreover, free allocated "ctx-id" if mdpm2mopen fails later in orde...
CVE-2023-54103
...
CVE-2023-54103 media: mtk-jpeg: Fix use after free bug due to uncanceled work
In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: Fix use after free bug due to uncanceled work In mtkjpegprobe, &jpeg-jobtimeoutwork is bound with mtkjpegjobtimeoutwork. Then mtkjpegdecdevicerun and mtkjpegencdevicerun may be called to start the work. If we...
CVE-2023-54059 soc: mediatek: mtk-svs: Enable the IRQ later
In the Linux kernel, the following vulnerability has been resolved: soc: mediatek: mtk-svs: Enable the IRQ later If the system does not come from reset like when is booted via kexec, the peripheral might triger an IRQ before the data structures are initialised. 0.227710 Unable to handle kernel NU...
CVE-2022-50711
CVE-2022-50711 affects the Linux kernel net: ethernet: mtk_eth_soc component, where a memory leak can occur if mtk_wed_add_hw() is called and the module is not properly cleaned up; the fix requires calling mtk_wed_exit() in the error path or upon module removal to free memory allocated by mtk_wed...
PT-2025-52941
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the mtk probe function within the mtk eth soc module of the Linux kernel's networking subsystem. Specifically, if the mtk wed add hw function is called, the...
PT-2025-53224
In the Linux kernel, the following vulnerability has been resolved: media: platform: mtk-mdp3: Add missing check and free for ida alloc Add the check for the return value of the ida alloc in order to avoid NULL pointer dereference. Moreover, free allocated "ctx-id" if mdp m2m open fails later in...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991179)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991179 advisory. In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: out of bounds read in mtkhwlrogetfdirentry The fsp-location variable...
SUSE CVE-2025-40156
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe The drv-sramreg pointer could be set to ERRPTR-EPROBEDEFER which would lead to a error pointer dereference. Use ISERRORNULL to check that the pointer is vali...
CVE-2025-60695
A stack-based buffer overflow vulnerability exists in the mtkdut binary of Linksys E7350 routers Firmware 1.1.00.032. The function sub4045A8 reads up to 256 bytes from /sys/class/net/%s/address into a local buffer and then copies it into caller-provided buffer a1 using strcpy without boundary...
CVE-2025-40156
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe The drv-sramreg pointer could be set to ERRPTR-EPROBEDEFER which would lead to a error pointer dereference. Use ISERRORNULL to check that the pointer is vali...
CVE-2025-60695
A stack-based buffer overflow vulnerability exists in the mtkdut binary of Linksys E7350 routers Firmware 1.1.00.032. The function sub4045A8 reads up to 256 bytes from /sys/class/net/%s/address into a local buffer and then copies it into caller-provided buffer a1 using strcpy without boundary...
Linksys E7350 安全漏洞
Linksys E7350 is a dual-band WiFi 6 router with AX1800 speeds from Linksys USA. A security vulnerability exists in the Linksys E7350 version 1.1.00.032, which originates from a stack buffer overflow in the mtkdut binary file, which could result in memory corruption, denial of service, or executio...
PT-2025-46869
Name of the Vulnerable Software and Affected Versions Linksys E7350 Router versions 1.1.00.032 Description A stack-based buffer overflow exists in the mtk dut binary. The sub 4045A8 function reads up to 256 bytes from /sys/class/net/%s/address into a local buffer and copies it into a...
CVE-2025-40156
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe The drv-sramreg pointer could be set to ERRPTR-EPROBEDEFER which would lead to a error pointer dereference. Use ISERRORNULL to check that the pointer is vali...