{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2023-52888", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-21T15:35:00.782Z", "datePublished": "2024-07-30T07:45:54.812Z", "dateUpdated": "2026-05-11T19:34:58.177Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T19:34:58.177Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Only free buffer VA that is not NULL\n\nIn the MediaTek vcodec driver, while mtk_vcodec_mem_free() is mostly\ncalled only when the buffer to free exists, there are some instances\nthat didn't do the check and triggered warnings in practice.\n\nWe believe those checks were forgotten unintentionally. Add the checks\nback to fix the warnings."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/media/platform/mediatek/vcodec/decoder/vdec/vdec_av1_req_lat_if.c", "drivers/media/platform/mediatek/vcodec/encoder/venc/venc_h264_if.c"], "versions": [{"version": "590577a4e5257ac3ed72999a94666ad6ba8f24bc", "lessThan": "5c217253c76c94f76d1df31d0bbdcb88dc07be91", "status": "affected", "versionType": "git"}, {"version": "590577a4e5257ac3ed72999a94666ad6ba8f24bc", "lessThan": "303d01082edaf817ee2df53a40dca9da637a2c04", "status": "affected", "versionType": "git"}, {"version": "590577a4e5257ac3ed72999a94666ad6ba8f24bc", "lessThan": "eb005c801ec70ff4307727bd3bd6e8280169ef32", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/media/platform/mediatek/vcodec/decoder/vdec/vdec_av1_req_lat_if.c", "drivers/media/platform/mediatek/vcodec/encoder/venc/venc_h264_if.c"], "versions": [{"version": "4.10", "status": "affected"}, {"version": "0", "lessThan": "4.10", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.39", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9.9", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.10", "versionEndExcluding": "6.6.39"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.10", "versionEndExcluding": "6.9.9"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.10", "versionEndExcluding": "6.10"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/5c217253c76c94f76d1df31d0bbdcb88dc07be91"}, {"url": "https://git.kernel.org/stable/c/303d01082edaf817ee2df53a40dca9da637a2c04"}, {"url": "https://git.kernel.org/stable/c/eb005c801ec70ff4307727bd3bd6e8280169ef32"}], "title": "media: mediatek: vcodec: Only free buffer VA that is not NULL", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:18:41.181Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/5c217253c76c94f76d1df31d0bbdcb88dc07be91", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/303d01082edaf817ee2df53a40dca9da637a2c04", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/eb005c801ec70ff4307727bd3bd6e8280169ef32", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52888", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:18:12.133144Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:32:59.812Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/5c217253c76c94f76d1df31d0bbdcb88dc07be91", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/303d01082edaf817ee2df53a40dca9da637a2c04", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/eb005c801ec70ff4307727bd3bd6e8280169ef32", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:18:41.181Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52888", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:18:12.133144Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:13.981Z"}}], "cna": {"title": "media: mediatek: vcodec: Only free buffer VA that is not NULL", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "590577a4e5257ac3ed72999a94666ad6ba8f24bc", "lessThan": "5c217253c76c94f76d1df31d0bbdcb88dc07be91", "versionType": "git"}, {"status": "affected", "version": "590577a4e5257ac3ed72999a94666ad6ba8f24bc", "lessThan": "303d01082edaf817ee2df53a40dca9da637a2c04", "versionType": "git"}, {"status": "affected", "version": "590577a4e5257ac3ed72999a94666ad6ba8f24bc", "lessThan": "eb005c801ec70ff4307727bd3bd6e8280169ef32", "versionType": "git"}], "programFiles": ["drivers/media/platform/mediatek/vcodec/decoder/vdec/vdec_av1_req_lat_if.c", "drivers/media/platform/mediatek/vcodec/encoder/venc/venc_h264_if.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.10"}, {"status": "unaffected", "version": "0", "lessThan": "4.10", "versionType": "semver"}, {"status": "unaffected", "version": "6.6.39", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.9.9", "versionType": "semver", "lessThanOrEqual": "6.9.*"}, {"status": "unaffected", "version": "6.10", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/media/platform/mediatek/vcodec/decoder/vdec/vdec_av1_req_lat_if.c", "drivers/media/platform/mediatek/vcodec/encoder/venc/venc_h264_if.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/5c217253c76c94f76d1df31d0bbdcb88dc07be91"}, {"url": "https://git.kernel.org/stable/c/303d01082edaf817ee2df53a40dca9da637a2c04"}, {"url": "https://git.kernel.org/stable/c/eb005c801ec70ff4307727bd3bd6e8280169ef32"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Only free buffer VA that is not NULL\n\nIn the MediaTek vcodec driver, while mtk_vcodec_mem_free() is mostly\ncalled only when the buffer to free exists, there are some instances\nthat didn't do the check and triggered warnings in practice.\n\nWe believe those checks were forgotten unintentionally. Add the checks\nback to fix the warnings."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-03-06T15:37:13.421Z"}}}, "cveMetadata": {"cveId": "CVE-2023-52888", "state": "PUBLISHED", "dateUpdated": "2025-03-06T15:37:13.421Z", "dateReserved": "2024-05-21T15:35:00.782Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-07-30T07:45:54.812Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "69FBED60-11E7-4C59-9070-D8723029E845", "versionEndExcluding": "6.6.39", "versionStartIncluding": "4.10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "ADCC1407-0CB3-4C8F-B4C5-07F682CD7085", "versionEndExcluding": "6.9.9", "versionStartIncluding": "6.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Only free buffer VA that is not NULL\n\nIn the MediaTek vcodec driver, while mtk_vcodec_mem_free() is mostly\ncalled only when the buffer to free exists, there are some instances\nthat didn't do the check and triggered warnings in practice.\n\nWe believe those checks were forgotten unintentionally. Add the checks\nback to fix the warnings."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: media: mediatek: vcodec: Solo libera el b\u00fafer VA que no es NULL En el controlador MediaTek vcodec, mientras que mtk_vcodec_mem_free() se llama principalmente solo cuando el b\u00fafer a liberar existe, hay algunas casos que no hicieron la verificaci\u00f3n y activaron advertencias en la pr\u00e1ctica. Creemos que esos cheques se olvidaron sin querer. Vuelva a agregar las comprobaciones para corregir las advertencias."}], "id": "CVE-2023-52888", "lastModified": "2025-10-07T16:04:13.360", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-30T08:15:02.293", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/303d01082edaf817ee2df53a40dca9da637a2c04"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5c217253c76c94f76d1df31d0bbdcb88dc07be91"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/eb005c801ec70ff4307727bd3bd6e8280169ef32"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/303d01082edaf817ee2df53a40dca9da637a2c04"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5c217253c76c94f76d1df31d0bbdcb88dc07be91"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/eb005c801ec70ff4307727bd3bd6e8280169ef32"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-415"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: media: mediatek: vcodec: Only free buffer VA that is not NULL", "id": "2301461", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301461"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-415", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nmedia: mediatek: vcodec: Only free buffer VA that is not NULL\nIn the MediaTek vcodec driver, while mtk_vcodec_mem_free() is mostly\ncalled only when the buffer to free exists, there are some instances\nthat didn't do the check and triggered warnings in practice.\nWe believe those checks were forgotten unintentionally. Add the checks\nback to fix the warnings."], "name": "CVE-2023-52888", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-07-30T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52888\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52888\nhttps://lore.kernel.org/linux-cve-announce/2024073015-CVE-2023-52888-51c6@gregkh/T"], "threat_severity": "Low"}

{"created": "2025-07-12T22:31:14.038490+00:00", "updated": "2025-07-12T22:31:14.038542+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}