CVE-2023-53748

UNKNOWN 0.0

media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queue_setup

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queue_setup variable *nplanes is provided by user via system call argument. The possible value of q_data->fmt->num_planes is 1-3, while the value of *nplanes can be 1-8. The array access by index i can cause array out-of-bounds. Fix this bug by checking *nplanes against the array size.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Dec 8, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

590577a4e5257ac3ed72999a94666ad6ba8f24bc < 48e4e06e2c5fe1fda283d499f91492eda2248bb9 590577a4e5257ac3ed72999a94666ad6ba8f24bc < b8e19bf3b4aebd855be01b64674187dcf6d1db51 590577a4e5257ac3ed72999a94666ad6ba8f24bc < 8fbcf730cb89c3647f3365226fe7014118fa93c7

Linux / Linux

4.10

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/48e4e06e2c5fe1fda283d499f91492eda2248bb9 git.kernel.org: https://git.kernel.org/stable/c/b8e19bf3b4aebd855be01b64674187dcf6d1db51 git.kernel.org: https://git.kernel.org/stable/c/8fbcf730cb89c3647f3365226fe7014118fa93c7