Primary

Context

Linux Kernel Mediatek MDP Driver Error Handling Vulnerability

Vulnerability

Patched

A vulnerability in the Linux kernel's Mediatek MDP driver has been addressed. The issue was related to improper error handling in the probe function, which could lead to resource leaks and null pointer dereferences. The vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability could cause resource leaks and null pointer dereferences, potentially leading to undefined behavior or crashes.

Reproduction

The vulnerability can be reproduced by loading the Mediatek MDP driver on a platform device without proper error handling. This can be done by compiling the driver with the existing error handling code, which fails to check the return value of the 'vpu_get_plat_device()' function. When the function returns a null pointer, the driver dereferences it, leading to a crash.

Remediation

The vulnerability has been fixed in the Linux kernel stable tree. Users can upgrade to the latest version to address this issue.

Added: May 6, 2026, 2:22 PM

Updated: May 6, 2026, 2:22 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.9

remediation

7.7

relevance

7.6

threat

4.8

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.9

remediation

7.7

relevance

7.6

threat

4.8

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Mediatek MDP Driver Error Handling Vulnerability

Vulnerability

Impact

Reproduction

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating