Linux Kernel Resource Leak Vulnerability in MediaTek VCodec

Vulnerability

A resource leak vulnerability has been addressed in the Linux kernel's MediaTek vcodec component. This issue arises on MediaTek devices with a system companion processor (SCP), where the mtk_scp structure must be explicitly removed to prevent the leak. The vulnerability occurs during the firmware initialization process, requiring the structure to be freed if the firmware allocation fails.

Impact

The vulnerability could lead to a resource leak, potentially causing memory to be improperly managed or released.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Resource Leak Vulnerability in MediaTek VCodec

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating