Unrated severityNVD Advisory· Published Sep 18, 2025· Updated Jan 26, 2026

media: mediatek: vcodec: Can't set dst buffer to done when lat decode error

CVE-2022-50383

Description

In the Linux kernel, the following vulnerability has been resolved:

Core thread will call v4l2_m2m_buf_done to set dst buffer done for lat architecture. If lat call v4l2_m2m_buf_done_and_job_finish to free dst buffer when lat decode error, core thread will access kernel NULL pointer dereference, then crash.

Affected products

Linux/Kernelllm-fuzzy
Linux/Linuxv5
Range: 5.19

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

git.kernel.org/stable/c/3568ecd3f3a6d133ab7feffbba34955c8c79bbc4mitre
git.kernel.org/stable/c/66d26ed30056e7d2da3e9c14125ffe6049a4f907mitre
git.kernel.org/stable/c/eeb090420f3477eb5011586709409fc655c2b16cmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000