CVE-2026-43207

media: mtk-mdp: Fix error handling in probe function

Severity Score

7.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: media: mtk-mdp: Fix error handling in probe function Add mtk_mdp_unregister_m2m_device() on the error handling path to prevent
resource leak. Add check for the return value of vpu_get_plat_device() to prevent null
pointer dereference. And vpu_get_plat_device() increases the reference
count of the returned platform device. Add platform_device_put() to
prevent reference leak.

*Credits: N/A

CVSS Scores

kernel.orgv3.1 7.8

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2026-05-01 CVE Reserved
2026-05-06 CVE Published
2026-05-11 CVE Updated
2026-05-12 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-476: NULL Pointer Dereference

CAPEC

References (9)

URL	Tag	Source
https://git.kernel.org/stable/c/c8eb2d7e8202fd9cb912f5d33cc34ede66dcb24a	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/9d9c67976eda502edc6b3a148a1c5b6a18b69a98	2026-03-04
https://git.kernel.org/stable/c/0bc43eaf021347f8d5aba87712c36b799695eec6	2026-03-04
https://git.kernel.org/stable/c/9d7962d5c81d6cf3f8dbdb5c71c57600bac5772b	2026-03-04
https://git.kernel.org/stable/c/12cafc15d24611bfb43c82877b1bbb7454a85d5a	2026-03-04
https://git.kernel.org/stable/c/c8737d33d4e8ffae87e5d5edac17f8a705235cc2	2026-03-04
https://git.kernel.org/stable/c/b3fc99fe5b25613dd61c57bc70b8479adff4f60d	2026-03-04
https://git.kernel.org/stable/c/2e8f53a7382943411557e370f1a4f3946624a30e	2026-03-04
https://git.kernel.org/stable/c/8a8a3232abac5b972058a5f2cb3e33199d2a8648	2026-01-05

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 5.10.252 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 5.10.252"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 5.15.202 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 5.15.202"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 6.1.165 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 6.1.165"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 6.6.128 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 6.6.128"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 6.12.75 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 6.12.75"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 6.18.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 6.18.16"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 6.19.6 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 6.19.6"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 7.0 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 7.0"		en		Affected