CVE-2023-53244

MEDIUM 5.5

media: pci: tw68: Fix null-ptr-deref bug in buf prepare and finish

CVSS Score

5.5

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: media: pci: tw68: Fix null-ptr-deref bug in buf prepare and finish When the driver calls tw68_risc_buffer() to prepare the buffer, the function call dma_alloc_coherent may fail, resulting in a empty buffer buf->cpu. Later when we free the buffer or access the buffer, null ptr deref is triggered. This bug is similar to the following one: https://git.linuxtv.org/media_stage.git/commit/?id=2b064d91440b33fba5b452f2d1b31f13ae911d71. We believe the bug can be also dynamically triggered from user side. Similarly, we fix this by checking the return value of tw68_risc_buffer() and the value of buf->cpu before buffer free.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Sep 15, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new medium vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

e15d1c12c5878b3a80d6573af1721e17264e0286 < dcf632bca424e6ff8c8eb89c96694e7f05cd29b6 e15d1c12c5878b3a80d6573af1721e17264e0286 < 3c67f49a6643d973e83968ea35806c7b5ae68b56 e15d1c12c5878b3a80d6573af1721e17264e0286 < 3715c5e9a8f96b6ed0dcbea06da443efccac1ecc e15d1c12c5878b3a80d6573af1721e17264e0286 < 1634b7adcc5bef645b3666fdd564e5952a9e24e0

Linux / Linux

3.18

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/dcf632bca424e6ff8c8eb89c96694e7f05cd29b6 git.kernel.org: https://git.kernel.org/stable/c/3c67f49a6643d973e83968ea35806c7b5ae68b56 git.kernel.org: https://git.kernel.org/stable/c/3715c5e9a8f96b6ed0dcbea06da443efccac1ecc git.kernel.org: https://git.kernel.org/stable/c/1634b7adcc5bef645b3666fdd564e5952a9e24e0