CVE-2023-53812
Description
In the Linux kernel, the following vulnerability has been resolved:
media: mediatek: vcodec: fix decoder disable pm crash
Can't call pm_runtime_disable when the architecture support sub device for 'dev->pm.dev' is NUll, or will get below crash log.
[ 10.771551] pc : _raw_spin_lock_irq+0x4c/0xa0 [ 10.771556] lr : __pm_runtime_disable+0x30/0x130 [ 10.771558] sp : ffffffc01e4cb800 [ 10.771559] x29: ffffffc01e4cb800 x28: ffffffdf082108a8 [ 10.771563] x27: ffffffc01e4cbd70 x26: ffffff8605df55f0 [ 10.771567] x25: 0000000000000002 x24: 0000000000000002 [ 10.771570] x23: ffffff85c0dc9c00 x22: 0000000000000001 [ 10.771573] x21: 0000000000000001 x20: 0000000000000000 [ 10.771577] x19: 00000000000000f4 x18: ffffffdf2e9fbe18 [ 10.771580] x17: 0000000000000000 x16: ffffffdf2df13c74 [ 10.771583] x15: 00000000000002ea x14: 0000000000000058 [ 10.771587] x13: ffffffdf2de1b62c x12: ffffffdf2e9e30e4 [ 10.771590] x11: 0000000000000000 x10: 0000000000000001 [ 10.771593] x9 : 0000000000000000 x8 : 00000000000000f4 [ 10.771596] x7 : 6bff6264632c6264 x6 : 0000000000008000 [ 10.771600] x5 : 0080000000000000 x4 : 0000000000000001 [ 10.771603] x3 : 0000000000000008 x2 : 0000000000000001 [ 10.771608] x1 : 0000000000000000 x0 : 00000000000000f4 [ 10.771613] Call trace: [ 10.771617] _raw_spin_lock_irq+0x4c/0xa0 [ 10.771620] __pm_runtime_disable+0x30/0x130 [ 10.771657] mtk_vcodec_probe+0x69c/0x728 [mtk_vcodec_dec 800cc929d6631f79f9b273254c8db94d0d3500dc] [ 10.771662] platform_drv_probe+0x9c/0xbc [ 10.771665] really_probe+0x13c/0x3a0 [ 10.771668] driver_probe_device+0x84/0xc0 [ 10.771671] device_driver_attach+0x54/0x78
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A null pointer dereference in the Linux kernel's Mediatek video decoder driver causes a crash when PM runtime is disabled on sub-device architectures.
Vulnerability
In the Linux kernel's Mediatek video codec driver (mtk_vcodec_dec_vcodec), a null pointer dereference occurs when pm_runtime_disable is called on a device whose dev->pm.dev pointer is NULL. This happens on architectures that support sub-devices, where the PM runtime infrastructure may not initialize the PM runtime device pointer for the top-level device.
Exploitation
The crash is triggered during driver-internal and triggered during normal probe or removal sequences. No special privileges or network access are required; the vulnerability manifests when the driver is loaded on affected hardware (MediaTek SoCs with video decoder). An attacker with local access could potentially force a driver reload to trigger the crash, but the primary risk is a denial-of-service vector is automatic during boot or module insertion.
Impact
Successful exploitation results in a kernel panic (system crash), leading to a denial of service. The crash log shows a spinlock acquisition failure in __pm_runtime_disable, confirming the null pointer dereference. No privilege escalation or data leakage is indicated.
Mitigation
The fix was committed to the Linux kernel stable tree in commits [1] and [2]. Users should update to a kernel version containing these patches. No workaround is available; affected systems must apply the kernel update.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2Patches
4c692a44bc51403e9773388a234fe290090ec9d2f13fb47dcVulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
4News mentions
0No linked articles in our index yet.