SB20250919137 - Input validation error in Linux kernel drm mediatek driver
Published: September 19, 2025 Updated: September 22, 2025
Security Bulletin ID
SB20250919137
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Input validation error (CVE-ID: CVE-2023-53388)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mtk_drm_bind() function in drivers/gpu/drm/mediatek/mtk_drm_drv.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/36aa8c61af55675ed967900fbe5deb32d776f051
- https://git.kernel.org/stable/c/49cf87919daeeeeeb9e924c39bdd9203af434461
- https://git.kernel.org/stable/c/6a89ddee1686a8872384aaa9f0bcfa6b675acd86
- https://git.kernel.org/stable/c/7b551a501fa714890e55bae73efede1185728d72
- https://git.kernel.org/stable/c/9a48f99aa7bea15e0b1d8b0040c46b4792eddf3b
- https://git.kernel.org/stable/c/a161f1d92aabb3b8463f752bdc3474dc3a5ec0e5
- https://git.kernel.org/stable/c/f3887c771576c5d740c5c5b8bf654a8ab8020b7d
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.3