CVE-2025-23160
Vulnerability Summary
Timeline
Description
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization On Mediatek devices with a system companion processor (SCP) the mtk_scp structure has to be removed explicitly to avoid a resource leak. Free the structure in case the allocation of the firmware structure fails during the firmware initialization.
CVSS Metrics
- v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Trends
Current EPSS score: 0.13%• Percentile: 31%
Techniques & Countermeasures
- CWE-401•Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
Affected Systems
- debian•debian_linux
11.0
- linux•linux
≥ eeb62bb4ca22db17f7dfe8fb8472e0442df3d92f, < 69dd5bbdd79c65445bb17c3c53510783bc1d756c | ≥ f066882293b5ad359e44c4ed24ab1811ffb0b354, < fd7bb97ede487b9f075707b7408a9073e0d474b1 | ≥ 53dbe08504442dc7ba4865c09b3bbf5fe849681b, < 9f009fa823c54ca0857c81f7525ea5a5d32de29c | ≥ 53dbe08504442dc7ba4865c09b3bbf5fe849681b, < d6cb086aa52bd51378a4c9e2b25d2def97770205 | ≥ 53dbe08504442dc7ba4865c09b3bbf5fe849681b, < ac94e1db4b2053059779472eb58a64d504964240 | ≥ 53dbe08504442dc7ba4865c09b3bbf5fe849681b, < 4936cd5817af35d23e4d283f48fa59a18ef481e4 | 3a693c7e243b932faee5c1fb728efa73f0abc39b | ≥ 6.1.130, < 6.1.153 | ≥ 6.6.36, < 6.6.88 | ≥ 6.9.7, < 6.10 | 6.10
- linux•linux_kernel
≥ 6.1.130, < 6.1.153 | ≥ 6.6.36, < 6.6.88 | ≥ 6.9.7, < 6.12.24 | ≥ 6.13, < 6.13.12 | ≥ 6.14, < 6.14.3
References (8)
- https://git.kernel.org/stable/c/69dd5bbdd79c65445bb17c3c53510783bc1d756c
- https://git.kernel.org/stable/c/fd7bb97ede487b9f075707b7408a9073e0d474b1
- https://git.kernel.org/stable/c/9f009fa823c54ca0857c81f7525ea5a5d32de29c
- https://git.kernel.org/stable/c/d6cb086aa52bd51378a4c9e2b25d2def97770205
- https://git.kernel.org/stable/c/ac94e1db4b2053059779472eb58a64d504964240
- https://git.kernel.org/stable/c/4936cd5817af35d23e4d283f48fa59a18ef481e4
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
- https://cert-portal.siemens.com/productcert/html/ssa-032379.html