PT-2025-37879 · Mediatek+3 · Mt8183+3

Published

2023-07-19

Updated

2025-11-19

CVE-2023-53274

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel related to clock management on the MT8183 platform. The removal of SSPM (System Software Power Management) related clocks caused issues when converting to a new simple-probe mechanism. This mechanism allocates space for all defined clocks, and the removal created potential out-of-bound writes if there were gaps in the Device Tree (DT) binding or the driver. These errors could lead to memory corruption and system crashes. Adding the SSPM clocks back resolves the issue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-188CWE-119

Related Identifiers

BDU:2026-03332

CVE-2023-53274

SUSE-SU-2025:03600-1

SUSE-SU-2025:03634-1

SUSE-SU-2025:20851-1

SUSE-SU-2025:20861-1

SUSE-SU-2025:20870-1

SUSE-SU-2025:20898-1

SUSE-SU-2025:3751-1

SUSE-SU-2025:4057-1

SUSE-SU-2025:4132-1

SUSE-SU-2025:4141-1

Affected Products

Astra Linux

Linux Kernel

Mt8183

Suse

PT-2025-37879 · Mediatek+3 · Mt8183+3

CVE-2023-53274

Weakness Enumeration

Related Identifiers

Affected Products

References · 1404