HIGHCVE-2026-43207Published Modified CNA Linux
CVE-2026-43207: media: mtk-mdp: Fix error handling in probe function
In the Linux kernel, the following vulnerability has been resolved: media: mtk-mdp: Fix error handling in probe function Add mtk_mdp_unregister_m2m_device() on the error handling path to prevent resource leak. Add check for the return value of vpu_get_plat_device() to prevent null pointer dereference. And vpu_get_plat_device() increases the reference count of the returned platform device. Add platform_device_put() to prevent reference leak.
Metrics
- CVSS v3.1
- 7.8
- Severity
- HIGH
- Fixed in
- 0
- Affected Products
- 2
Fix available
00bc43eaf021347f8d5aba87712c36b799695eec612cafc15d24611bfb43c82877b1bbb7454a85d5a2e8f53a7382943411557e370f1a4f3946624a30e5.10.2525.15.2026.1.1656.6.1286.12.756.18.166.19.67.08a8a3232abac5b972058a5f2cb3e33199d2a86489d7962d5c81d6cf3f8dbdb5c71c57600bac5772b9d9c67976eda502edc6b3a148a1c5b6a18b69a98b3fc99fe5b25613dd61c57bc70b8479adff4f60dc8737d33d4e8ffae87e5d5edac17f8a705235cc2
Affected packages
- Linux / Linux< 9d9c67976eda502edc6b3a148a1c5b6a18b69a98 (from c8eb2d7e8202fd9cb912f5d33cc34ede66dcb24a) · < 0bc43eaf021347f8d5aba87712c36b799695eec6 (from c8eb2d7e8202fd9cb912f5d33cc34ede66dcb24a) · < 9d7962d5c81d6cf3f8dbdb5c71c57600bac5772b (from c8eb2d7e8202fd9cb912f5d33cc34ede66dcb24a) · < 12cafc15d24611bfb43c82877b1bbb7454a85d5a (from c8eb2d7e8202fd9cb912f5d33cc34ede66dcb24a) · < c8737d33d4e8ffae87e5d5edac17f8a705235cc2 (from c8eb2d7e8202fd9cb912f5d33cc34ede66dcb24a) · < b3fc99fe5b25613dd61c57bc70b8479adff4f60d (from c8eb2d7e8202fd9cb912f5d33cc34ede66dcb24a)
- Linux / Linux4.10Fixed in 0, 5.10.252, 5.15.202, 6.1.165, 6.6.128, 6.12.75, 6.18.16, 6.19.6, 7.0
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H