This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

Project Subscriptions

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://lore.kernel.org/linux-cve-announce/2025122411-CVE-2023-54103-5493@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2023-54103 cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-54103 cve-icon
History

Tue, 30 Dec 2025 14:30:00 +0000

Type Values Removed Values Added
References

Tue, 30 Dec 2025 14:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: Fix use after free bug due to uncanceled work In mtk_jpeg_probe, &jpeg->job_timeout_work is bound with mtk_jpeg_job_timeout_work. Then mtk_jpeg_dec_device_run and mtk_jpeg_enc_device_run may be called to start the work. If we remove the module which will call mtk_jpeg_remove to make cleanup, there may be a unfinished work. The possible sequence is as follows, which will cause a typical UAF bug. Fix it by canceling the work before cleanup in the mtk_jpeg_remove CPU0 CPU1 |mtk_jpeg_job_timeout_work mtk_jpeg_remove | v4l2_m2m_release | kfree(m2m_dev); | | | v4l2_m2m_get_curr_priv | m2m_dev->curr_ctx //use This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Title media: mtk-jpeg: Fix use after free bug due to uncanceled work kernel: media: mtk-jpeg: Fix use after free bug due to uncanceled work
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel

Thu, 25 Dec 2025 00:15:00 +0000

Type Values Removed Values Added
References

Wed, 24 Dec 2025 13:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: Fix use after free bug due to uncanceled work In mtk_jpeg_probe, &jpeg->job_timeout_work is bound with mtk_jpeg_job_timeout_work. Then mtk_jpeg_dec_device_run and mtk_jpeg_enc_device_run may be called to start the work. If we remove the module which will call mtk_jpeg_remove to make cleanup, there may be a unfinished work. The possible sequence is as follows, which will cause a typical UAF bug. Fix it by canceling the work before cleanup in the mtk_jpeg_remove CPU0 CPU1 |mtk_jpeg_job_timeout_work mtk_jpeg_remove | v4l2_m2m_release | kfree(m2m_dev); | | | v4l2_m2m_get_curr_priv | m2m_dev->curr_ctx //use
Title media: mtk-jpeg: Fix use after free bug due to uncanceled work
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: REJECTED

Assigner: Linux

Published:

Updated: 2025-12-30T14:03:08.475Z

Reserved: 2025-12-24T13:02:52.517Z

Link: CVE-2023-54103

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Rejected

Published: 2025-12-24T13:16:12.190

Modified: 2025-12-30T14:15:52.413

Link: CVE-2023-54103

cve-icon Redhat

Severity :

Publid Date: 2025-12-24T00:00:00Z

Links: CVE-2023-54103 - Bugzilla

cve-icon OpenCVE Enrichment

No data.

Weaknesses

No weakness.