CVE-2023-52491

media: mtk-jpeg: Fix use after free bug due to error path handling in mtk_jpeg_dec_device_run

References

Notes

 carnil> Introduced in b2f0d2724ba4 ("[media] vcodec: mediatek: Add Mediatek JPEG
 carnil> Decoder Driver"). Vulnerable versions: 4.12-rc1.

Bugs

Status

Branch Status
4.19-buster-security needed
4.19-upstream-stable needed
5.10-bullseye-security released (5.10.216-1)
5.10-upstream-stable released (5.10.210) [43872f44eee6c6781fea1348b38885d8e78face9]
6.1-bookworm-security released (6.1.76-1)
6.1-upstream-stable released (6.1.76) [9fec4db7fff54d9b0306a332bab31eac47eeb5f6]
6.6-upstream-stable released (6.6.15) [8254d54d00eb6cdb8367399c7f912eb8d354ecd7]
6.8-upstream-stable N/A "Fixed before branching point"
sid released (6.6.15-1)
upstream released (6.8-rc1) [206c857dd17d4d026de85866f1b5f0969f2a109e]