{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-23160","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-01-11T14:28:41.515Z","datePublished":"2025-05-01T12:55:45.405Z","dateUpdated":"2026-05-12T12:04:13.411Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:14:07.936Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization\n\nOn Mediatek devices with a system companion processor (SCP) the mtk_scp\nstructure has to be removed explicitly to avoid a resource leak.\nFree the structure in case the allocation of the firmware structure fails\nduring the firmware initialization."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/media/platform/mediatek/vcodec/common/mtk_vcodec_fw_scp.c"],"versions":[{"version":"eeb62bb4ca22db17f7dfe8fb8472e0442df3d92f","lessThan":"69dd5bbdd79c65445bb17c3c53510783bc1d756c","status":"affected","versionType":"git"},{"version":"f066882293b5ad359e44c4ed24ab1811ffb0b354","lessThan":"fd7bb97ede487b9f075707b7408a9073e0d474b1","status":"affected","versionType":"git"},{"version":"53dbe08504442dc7ba4865c09b3bbf5fe849681b","lessThan":"9f009fa823c54ca0857c81f7525ea5a5d32de29c","status":"affected","versionType":"git"},{"version":"53dbe08504442dc7ba4865c09b3bbf5fe849681b","lessThan":"d6cb086aa52bd51378a4c9e2b25d2def97770205","status":"affected","versionType":"git"},{"version":"53dbe08504442dc7ba4865c09b3bbf5fe849681b","lessThan":"ac94e1db4b2053059779472eb58a64d504964240","status":"affected","versionType":"git"},{"version":"53dbe08504442dc7ba4865c09b3bbf5fe849681b","lessThan":"4936cd5817af35d23e4d283f48fa59a18ef481e4","status":"affected","versionType":"git"},{"version":"3a693c7e243b932faee5c1fb728efa73f0abc39b","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/media/platform/mediatek/vcodec/common/mtk_vcodec_fw_scp.c"],"versions":[{"version":"6.10","status":"affected"},{"version":"0","lessThan":"6.10","status":"unaffected","versionType":"semver"},{"version":"6.1.153","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.88","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.24","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.13.12","lessThanOrEqual":"6.13.*","status":"unaffected","versionType":"semver"},{"version":"6.14.3","lessThanOrEqual":"6.14.*","status":"unaffected","versionType":"semver"},{"version":"6.15","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.130","versionEndExcluding":"6.1.153"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6.36","versionEndExcluding":"6.6.88"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.10","versionEndExcluding":"6.12.24"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.10","versionEndExcluding":"6.13.12"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.10","versionEndExcluding":"6.14.3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.10","versionEndExcluding":"6.15"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.9.7"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/69dd5bbdd79c65445bb17c3c53510783bc1d756c"},{"url":"https://git.kernel.org/stable/c/fd7bb97ede487b9f075707b7408a9073e0d474b1"},{"url":"https://git.kernel.org/stable/c/9f009fa823c54ca0857c81f7525ea5a5d32de29c"},{"url":"https://git.kernel.org/stable/c/d6cb086aa52bd51378a4c9e2b25d2def97770205"},{"url":"https://git.kernel.org/stable/c/ac94e1db4b2053059779472eb58a64d504964240"},{"url":"https://git.kernel.org/stable/c/4936cd5817af35d23e4d283f48fa59a18ef481e4"}],"title":"media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T17:32:15.840Z"}},{"x_adpType":"supplier","providerMetadata":{"orgId":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","shortName":"siemens-SADP","dateUpdated":"2026-05-12T12:04:13.411Z"},"affected":[{"vendor":"Siemens","product":"SIMATIC CN 4100","versions":[{"status":"affected","version":"0","lessThan":"V5.0","versionType":"custom"}],"defaultStatus":"unknown"}],"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-032379.html"}]}]}}