What the vulnerability does

01Description

An issue was discovered in the Linux kernel through 5.16-rc6. mtk_vcodec_fw_vpu_init in drivers/media/platform/mtk-vcodec/mtk_vcodec_fw_vpu.c lacks check of the return value of devm_kzalloc() and will cause the null pointer dereference.

Key dates

02Disclosure timeline

December 14, 2022 CVE published
April 22, 2025 Record updated