CVE-2023-54147

Summary

In the Linux kernel, the following vulnerability has been resolved:

media: platform: mtk-mdp3: Add missing check and free for ida_alloc

Add the check for the return value of the ida_alloc in order to avoid NULL pointer dereference. Moreover, free allocated "ctx->id" if mdp_m2m_open fails later in order to avoid memory leak.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux61890ccaefaff89f5babd2c8412fd222c3f5fe38 < 51fc1880e47421ee7b192372e8e86b7bbba40776affected
LinuxLinux61890ccaefaff89f5babd2c8412fd222c3f5fe38 < 4c173a65a2b1cc0556c3f6f0bab82e4fdb449522affected
LinuxLinux61890ccaefaff89f5babd2c8412fd222c3f5fe38 < 22b72cad501fb75500cc60af4d92de3066fb6fc2affected
LinuxLinux61890ccaefaff89f5babd2c8412fd222c3f5fe38 < d00f592250782538cda87745607695b0fe27dcd4affected
LinuxLinux6.1affected
LinuxLinux0 < 6.1unaffected
LinuxLinux6.1.28 <= 6.1.*unaffected
LinuxLinux6.2.15 <= 6.2.*unaffected
LinuxLinux6.3.2 <= 6.3.*unaffected
LinuxLinux6.4 <= *unaffected

Weaknesses

References