CVE-2023-54147 — Missing Release of Memory after Effective Lifetime in Linux

7 documents6 sources

Severity

5.3MEDIUM

No vector

EPSS

0.0%

top 92.73%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: media: platform: mtk-mdp3: Add missing check and free for ida_alloc Add the check for the return value of the ida_alloc in order to avoid NULL pointer dereference. Moreover, free allocated "ctx->id" if mdp_m2m_open fails later in order to avoid memory leak.

Affected Packages4 packages

▶Linuxlinux/linux_kernel6.1.0 — 6.1.28+2

▶Debianlinux/linux_kernel< 6.1.37-1+2

▶CVEListV5linux/linux61890ccaefaff89f5babd2c8412fd222c3f5fe38 — 51fc1880e47421ee7b192372e8e86b7bbba40776+4

▶debiandebian/linux< linux 6.1.37-1 (bookworm)

🔴Vulnerability Details

GHSA

GHSA-xh2f-j4vc-q8qj: In the Linux kernel, the following vulnerability has been resolved: media: platform: mtk-mdp3: Add missing check and free for ida_alloc Add the chec↗2025-12-24

▶

OSV

CVE-2023-54147: In the Linux kernel, the following vulnerability has been resolved: media: platform: mtk-mdp3: Add missing check and free for ida_alloc Add the check↗2025-12-24

▶

OSV

media: platform: mtk-mdp3: Add missing check and free for ida_alloc↗2025-12-24

▶

📋Vendor Advisories

Red Hat

kernel: media: platform: mtk-mdp3: Add missing check and free for ida_alloc↗2025-12-24

▶

Debian

CVE-2023-54147: linux - In the Linux kernel, the following vulnerability has been resolved: media: plat...↗2023

▶

🕵️Threat Intelligence

Wiz

CVE-2023-54147 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶